Question about Computers & Internet

1 Answer

How we can capture a tcp packet using java program

Actually capturing means to inspect the packets to find out any types of network attacks, and illegal access to sensitive files or devices

Posted by on

1 Answer

  • Level 1:

    An expert who has achieved level 1.

    Hot-Shot:

    An expert who has answered 20 questions.

    Corporal:

    An expert that hasĀ over 10 points.

    Mayor:

    An expert whose answer gotĀ voted for 2 times.

  • Contributor
  • 30 Answers

Hi!

1. If you want to write a packet sniffer in java, please review this
useful links:
http://www.rohitab.com/discuss/lofiversion/index.php/t28724.html

jpcap:
http://netresearch.ics.uci.edu/kfujii/jpcap/doc/samples.html

I suggest to use the jpcap library it developed for packet capturing and it contains sample code too.



2. If you want to search for a simple exe program which captures
the ethenet packets wireshark is a good solution:
www.wireshark.org




Posted on Jan 07, 2009

1 Suggested Answer

6ya6ya
  • 2 Answers

SOURCE: I have freestanding Series 8 dishwasher. Lately during the filling cycle water hammer is occurring. How can this be resolved

Hi,
a 6ya expert can help you resolve that issue over the phone in a minute or two.
best thing about this new service is that you are never placed on hold and get to talk to real repairmen in the US.
the service is completely free and covers almost anything you can think of (from cars to computers, handyman, and even drones).
click here to download the app (for users in the US for now) and get all the help you need.
goodluck!

Posted on Jan 02, 2017

Add Your Answer

Uploading: 0%

my-video-file.mp4

Complete. Click "Add" to insert your video. Add

×

Loading...
Loading...

Related Questions:

1 Answer

Why Addresses in the IP Address Pool on a Switch Are Exhausted When the Switch Functions as a DHCP Server and It Has a Few Clients?


If the IP address pool has much more resources than needs of clients, the following two reasons may cause address exhaustion:
1. An attacker keeps changing the CHADDR field and sending DHCP Discover packets to exhaust addresses. If so, contact Huawei engineers to deploy DHCP snooping to protect the IP address pool.
2. The DHCP server ping function is enabled on the DHCP server. This function tries to ping the allocated addresses before responding to DHCP Offer packets. If a client responds to any ping packet, the DHCP server considers that there are address conflicts and addresses are exhausted. To solve this problem, two methods are available:
1. Capture packets on the ports connected to the DHCP server. If a client responds to ping packets, prohibit the client.
2. Disable the DHCP server ping function using the undo dhcp server ping packet command.
3. Such as S5700, S6700

Aug 01, 2016 | Computers & Internet

Tip

How do latency and packet loss determine network performance and what can be...


The triumvirate of network performance metrics are packet loss, latency and jitter.

Almost all network applications use TCP (Transmission Control Protocol) to get their data from point A to point B. About 85% of the overall internet's traffic is TCP, of which specific aspect is that it completely hides the packet-based nature of the network from applications. Whether an application hands a single character or a multi-megabyte file to TCP, puts the data in packets and sends it on its way over the network. The internet is a scary place for packets trying to find their way: it's not uncommon for packets to be lost and never make it across, or to arrive in a different order than they were transmitted. TCP retransmits lost packets and puts data back in the original order if needed before it hands over the data to the receiver. This way, applications don't have to worry about those eventualities.

Network latency
TCP has a number of mechanisms to get good performance in the presence of high latencies:
1) Make sure enough packets are kept "in flight". Simply sending one packet and then waiting for the other side to say "got it, send then next one" doesn't cut it; that would limit throughput to five packets per second on a path with a 200 ms RTT. So TCP tries to make sure it sends enough packets to fill up the link, but not so many that it oversaturates the link or path. This works well for big data transfers.
2) For smaller data transfers TCP uses a "slow start" mechanism. Because TCP has to wait for acknowledgments from the receiver, more latency means more time spent in slow start. Web browser performance used to be limited by slow start a lot, but browsers started to reuse TCP sessions that were already out of slow start to download additional images and other elements rather than keep opening new TCP sessions.
3) Also you may use simple open-transfer-close-open-transfer-close sequences that work well on low latency networks but slow down a lot over larger distances or on bandwidth-limited networks, which also introduce additional latency.
4) Try to use a DNS server close by. Every TCP connection is preceded by a DNS lookup. If the latency towards the DNS server is substantial, this slows down the entire process.

Packet loss
Packets are lost in networks for two reasons:
1) Every transmission medium will flip a bit once in a while, and then the whole packet is lost. Wireless typically sends extra error correction bits, but those can only do so much. If such an error occurs, the lost packet needs to be retransmitted. This can hold up a transfer.
But if network latency or packet loss get too high, TCP will run out of buffer space and the transfer has to stop until the retransmitted lost packet has been received. In other words: high latency or high loss isn't great, but still workable, but high latency and high loss together can slow down TCP to a crawl.
2) Another reason packets get lost is too many packets in a short time: TCP is sending so fast that router/switch buffers fill up faster than packets can be transmitted.If TCP has determined that the network can only bear very conservative data transfer speeds, and slow start really does its name justice, it's faster to stop a download and restart it rather than to wait for TCP to recover.
Jitter - is the difference between the latency from packet to packet
Obviously, the speed of light isn't subject to change, and fibers tend to remain the same length. So latency is typically caused by buffering of packets in routers and switches terminating highly utilized links. (Especially on lower bandwidth links, such as broadband or 3G/4G links.) Sometimes a packet is lucky and gets through fast and sometimes the queue is longer than usual. For TCP, this isn't a huge problem, although this means that TCP has to use a conservative value for its RTT estimate and timeouts will take longer. However, for (non-TCP) real-time audio and video traffic, jitter is very problematic, because the audio/video has to be played back at a steady rate. This means the application either has to buffer the "fast" packets and wait for the slow ones, which can add user-perceptible delay, or the slow packets have to be considered lost, causing dropouts.

In conclusion, in networks that use multiple connections to the internet, it can really pay off to avoid paths that are much longer and thus incur a higher latency than alternative paths to the same destination, as well as congested paths with elevated packet loss. The path selecting process can be performed automatically: learnhow to automate evaluation of packet loss and latencyacross multiple providers to choose the best performing route.

on Jan 27, 2015 | Computers & Internet

1 Answer

WHAT ARE THE PORT RANGES FOR ADDRESSES


Usable tcp and udp ports range from 1 to 65535. However you should not need to open any ports by default. Most routers include a stateful packet inspection (SPI) firewall. This is a fancy way of saying the router inspects the packet on it's way out to the internet when a computer on the inside of the firewall sends it out to the internet. The firewall will only allow connections from the internet on that TCP or UDP port if it returns from the original destination. For example, if you send a packet requesting the web page at cisco.com, the firewall will only allow traffic back into your network on TCP port 80 from the web server at cisco.com. If a packet from any other IP address tries to piggyback into your network through tcp port 80, the firewall will block it.

The only reason to open ports on your firewall is to allow a server inside your network to receive unsolicited traffic e.g. a web server inside your network may need TCP port 80 and 443 (HTTP and HTTPS) opened if you want to be able to access it from the internet. A mail server may need port 25 and 110 open for SMTP/POP e-mail. However, most home users do not host their own mail or web servers.

Mar 22, 2014 | Cisco Linksys Refurbished E3000...

1 Answer

Catch packet on motorola sb5100e cable modem


Not sure exactly what you are trying to accomplish but WireShark works well at capturing any network traffic.

Apr 12, 2010 | Arris SB5100 SURFboard DOCSIS 2.0 Cable...

1 Answer

Though this is called a 'hub' it appears to actually be a switch as I cant packet capture traffic of other connected devices. Am I right about it being a switch? linksys etherfast efah08w 8x10 100 mbps


Despite the fact that the product bills itself as a "hub" in the product description Linksys mentions "Internal store-and-forward switching for effective traffic reduction" which is only used in switch gear.

I think you have a switch on your hands. Otherwise, you may have a problem with your packet capture software.

Oct 30, 2009 | Linksys EtherFast EFAH08W (73P2325)...

1 Answer

Packet capture


You can go with any G or higher series adaptor with an antenna, I have brought a very cheap usb wireless network adaptor without anteena and modified it by attaching a reflector and antenna which has drastically improved the signal gain and range.

Oct 08, 2009 | Computers & Internet

1 Answer

Conversion of SNMP to TCP/IP packet


Hi!


I suggest the following:
Install a packet analyzer to the target machine.
This program helps you observe and analyze the network traffic real time. It is helpful for debug the network packets, look inside how the frames is structured. The Wireshark is quite popular debugger tool. Install it and check TCP/IP and SNMP packets with it.
Here is it:
http://www.wireshark.org/download.html

Second:
There is a lot of information on the internet about the SNMP freame formats and TCP/IP protocol.
Here are some useful links:
http://www.tcpipguide.com/free/t_SNMPMessageFieldDefinitionsGeneralMessageFormatand.htm
http://www.dpstele.com/layers/l2/snmp_l2_tut_part1.php
http://www.rane.com/note161.html
A lot of RFC documents write down the SNMP protocol.

Here are somple helpful VC++ programs:
https://www.planet-source-code.com/vb/scripts/ShowCode.asp?txtCodeId=7949&lngWId=3

I suggest using free tools to test your network device:
http://manageengine.adventnet.com/products/oputils/free-snmp-tools.html









Dec 30, 2008 | Computers & Internet

1 Answer

Wireshark


NOT TOO CLEAR TO MY TEAM

source:
solution dictionary for fixing all pc problems on htpp://www.tinyurl.com/52mwor
http://www.digitalpowering.blogspot.com

Apr 06, 2008 | Microsoft Windows XP Professional for PC

1 Answer

Communication problems over IP phone


I have found many possible causes. Firmware Levels Outdated firmware in routers, VOIP phones, Firewalls, etc. can cause one-way audio. Ensure you have the latest updates for all the devices in the call path. Configuration Particularly if NAT is involved in the call path, configuration of the various devices may be a problem. Check to see if all devices are configured appropiately for your envioronment. Has anything changed, carriers harware, quos settings on router ? packet loss to these locations should be tested @ time it happens most, don't use it as gospel retur, ttl and re-xmits' do same.. Bob Finding the Cause The basic troubleshooting technique is to use a tool like Ethereal to capture SIP and RTP packets at each point in the call path where packets could be lost. Interperting the resulting captured packets requires some familarity with how networking and VOIP work. For example if the call path is: VOIP phone/device ---- firewall ---- sip proxy ---- firewall ---- asterisk Troubleshooting Steps Start capturing at point Make a VOIP call that will have one-way audio Analyze capture If problem found, fix and retest Otherwise move capture point to the next point (a, b, c, d, etc) and start over If the problem is intermittent, then a long term simultanous capture at multiple points can be used to attempt to capture a comple call with the problem. Most capture tools will let you capture only traffic from selected devices, so the volume of captured information can be kept to a reasonable size. If a back-to-back SIP user agent (for example a Session Border Controller ) is part of of the call path, then it may be necessary to capture all VOIP traffic at some points to ensure catching the wanted call since the IP addresses can change when traversing this device. Resources How To Debug and Troubleshoot VOIP

Nov 14, 2006 | Nortel I2002 IP Phone w/Text Keycaps, No...

Not finding what you are looking for?
Computers & Internet Logo

Related Topics:

802 people viewed this question

Ask a Question

Usually answered in minutes!

Top Computers & Internet Experts

Brian Sullivan
Brian Sullivan

Level 3 Expert

27725 Answers

kakima

Level 3 Expert

102366 Answers

David Payne
David Payne

Level 3 Expert

14161 Answers

Are you a Computer and Internet Expert? Answer questions, earn points and help others

Answer questions

Manuals & User Guides

Loading...