+ Post New Thread
Results 1 to 7 of 7
Wired Networks Thread, Packet Sniffers in Technical; Anyone know anything about packet sniffers? It looks like we have something generating broadcast storms/excessive Internet traffic, and I need ...
  1. #1
    enjay's Avatar
    Join Date
    Apr 2007
    Location
    Reading, Berkshire, UK
    Posts
    4,488
    Thank Post
    282
    Thanked 196 Times in 167 Posts
    Rep Power
    76

    Packet Sniffers

    Anyone know anything about packet sniffers? It looks like we have something generating broadcast storms/excessive Internet traffic, and I need to find it, as it is killing our bandwidth. One method is obviously to unplug everything and re-introduce it segment at a time, but that is both time-consuming and highly disruptive.

    I know there are products out there which do this (heck, I sold them for a little while!), but don't really know where to start analysing the data which they return - are they any bluffers' guides or products which are relatively straight-forward to use?

  2. #2

    RabbieBurns's Avatar
    Join Date
    Apr 2008
    Location
    Sydney
    Posts
    5,527
    Thank Post
    1,339
    Thanked 470 Times in 307 Posts
    Blog Entries
    6
    Rep Power
    200
    Use wireshark and it will highlight eveyrhitng colour coded. You can spot the broadcasts a mile off and if something is flooding its even more obviois,.

    It will show source MAC and IP address which will let you track down the rogue device pretty easy.

    we had a hp 2600 shot itself, it was sending out a dhcp request and ignoring the replies and flooding the network with dhcp req's. Found and isolated it pretty promtpt.y

  3. Thanks to RabbieBurns from:

    enjay (5th March 2012)

  4. #3
    enjay's Avatar
    Join Date
    Apr 2007
    Location
    Reading, Berkshire, UK
    Posts
    4,488
    Thank Post
    282
    Thanked 196 Times in 167 Posts
    Rep Power
    76
    Thanks. Do I need to get a special Ethernet adapter, or will it work on the standard one?

  5. #4

    Ric_'s Avatar
    Join Date
    Jun 2005
    Location
    London
    Posts
    7,600
    Thank Post
    109
    Thanked 769 Times in 598 Posts
    Rep Power
    181
    Quote Originally Posted by enjay View Post
    Thanks. Do I need to get a special Ethernet adapter, or will it work on the standard one?
    Nothing special required... just download and go.

  6. #5
    enjay's Avatar
    Join Date
    Apr 2007
    Location
    Reading, Berkshire, UK
    Posts
    4,488
    Thank Post
    282
    Thanked 196 Times in 167 Posts
    Rep Power
    76
    Well, that's progress. When I worked for a company selling these things, we also sold special NICs, something about some NICs not being able to capture packets which are destined to other computers; also had to mess around with port mirroring, as I recall.

  7. #6

    teejay's Avatar
    Join Date
    Apr 2008
    Posts
    3,181
    Thank Post
    285
    Thanked 774 Times in 584 Posts
    Rep Power
    336
    You only need to do port mirroring if you are looking for traffic going to/from a specific port, so you may need to set that up on your switch if you need to look at traffic going to the internet or a specific location. If it's general broadcast stuff, every nic will receive it so worth checking that out first.

  8. #7
    enjay's Avatar
    Join Date
    Apr 2007
    Location
    Reading, Berkshire, UK
    Posts
    4,488
    Thank Post
    282
    Thanked 196 Times in 167 Posts
    Rep Power
    76
    Okay, that's running - I'll start a new thread with the potential issues it has found...

SHARE:
+ Post New Thread

Similar Threads

  1. Packet analyser
    By Talorin in forum Wireless Networks
    Replies: 4
    Last Post: 27th January 2009, 03:41 PM
  2. North Yorkshire Broadband - Slow? Packet loss?
    By contink in forum Yorkshire & Humberside Grid for Learning (YHGfL)
    Replies: 3
    Last Post: 20th January 2009, 03:33 PM
  3. Packet Sniffing
    By theeldergeek in forum Wireless Networks
    Replies: 7
    Last Post: 2nd April 2008, 02:10 PM
  4. SMB Packets
    By AJT1 in forum Wireless Networks
    Replies: 6
    Last Post: 12th February 2008, 12:56 PM

Thread Information

Users Browsing this Thread

There are currently 1 users browsing this thread. (0 members and 1 guests)

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •