+ Post New Thread
Results 1 to 7 of 7
Wired Networks Thread, Packet Sniffers in Technical; Anyone know anything about packet sniffers? It looks like we have something generating broadcast storms/excessive Internet traffic, and I need ...
  1. #1
    enjay's Avatar
    Join Date
    Apr 2007
    Location
    Reading, Berkshire, UK
    Posts
    4,456
    Thank Post
    279
    Thanked 196 Times in 167 Posts
    Rep Power
    75

    Packet Sniffers

    Anyone know anything about packet sniffers? It looks like we have something generating broadcast storms/excessive Internet traffic, and I need to find it, as it is killing our bandwidth. One method is obviously to unplug everything and re-introduce it segment at a time, but that is both time-consuming and highly disruptive.

    I know there are products out there which do this (heck, I sold them for a little while!), but don't really know where to start analysing the data which they return - are they any bluffers' guides or products which are relatively straight-forward to use?

  2. #2

    RabbieBurns's Avatar
    Join Date
    Apr 2008
    Location
    Sydney
    Posts
    5,476
    Thank Post
    1,305
    Thanked 469 Times in 306 Posts
    Blog Entries
    6
    Rep Power
    198
    Use wireshark and it will highlight eveyrhitng colour coded. You can spot the broadcasts a mile off and if something is flooding its even more obviois,.

    It will show source MAC and IP address which will let you track down the rogue device pretty easy.

    we had a hp 2600 shot itself, it was sending out a dhcp request and ignoring the replies and flooding the network with dhcp req's. Found and isolated it pretty promtpt.y

  3. Thanks to RabbieBurns from:

    enjay (5th March 2012)

  4. #3
    enjay's Avatar
    Join Date
    Apr 2007
    Location
    Reading, Berkshire, UK
    Posts
    4,456
    Thank Post
    279
    Thanked 196 Times in 167 Posts
    Rep Power
    75
    Thanks. Do I need to get a special Ethernet adapter, or will it work on the standard one?

  5. #4

    Ric_'s Avatar
    Join Date
    Jun 2005
    Location
    London
    Posts
    7,582
    Thank Post
    107
    Thanked 761 Times in 592 Posts
    Rep Power
    179
    Quote Originally Posted by enjay View Post
    Thanks. Do I need to get a special Ethernet adapter, or will it work on the standard one?
    Nothing special required... just download and go.

  6. #5
    enjay's Avatar
    Join Date
    Apr 2007
    Location
    Reading, Berkshire, UK
    Posts
    4,456
    Thank Post
    279
    Thanked 196 Times in 167 Posts
    Rep Power
    75
    Well, that's progress. When I worked for a company selling these things, we also sold special NICs, something about some NICs not being able to capture packets which are destined to other computers; also had to mess around with port mirroring, as I recall.

  7. #6

    teejay's Avatar
    Join Date
    Apr 2008
    Posts
    3,051
    Thank Post
    275
    Thanked 722 Times in 550 Posts
    Rep Power
    326
    You only need to do port mirroring if you are looking for traffic going to/from a specific port, so you may need to set that up on your switch if you need to look at traffic going to the internet or a specific location. If it's general broadcast stuff, every nic will receive it so worth checking that out first.

  8. #7
    enjay's Avatar
    Join Date
    Apr 2007
    Location
    Reading, Berkshire, UK
    Posts
    4,456
    Thank Post
    279
    Thanked 196 Times in 167 Posts
    Rep Power
    75
    Okay, that's running - I'll start a new thread with the potential issues it has found...

SHARE:
+ Post New Thread

Similar Threads

  1. Packet analyser
    By Talorin in forum Wireless Networks
    Replies: 4
    Last Post: 27th January 2009, 03:41 PM
  2. North Yorkshire Broadband - Slow? Packet loss?
    By contink in forum Yorkshire & Humberside Grid for Learning (YHGfL)
    Replies: 3
    Last Post: 20th January 2009, 03:33 PM
  3. Packet Sniffing
    By theeldergeek in forum Wireless Networks
    Replies: 7
    Last Post: 2nd April 2008, 02:10 PM
  4. SMB Packets
    By AJT1 in forum Wireless Networks
    Replies: 6
    Last Post: 12th February 2008, 12:56 PM

Thread Information

Users Browsing this Thread

There are currently 1 users browsing this thread. (0 members and 1 guests)

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •