Re: sniffer in promiscuous mode

From: brien mac (aph3x@linuxmail.org)
Date: 02/06/02 

From: "brien mac" <aph3x@linuxmail.org>
To: govind@iiitb.ac.in, security-basics@securityfocus.com
Date: Wed, 06 Feb 2002 17:44:26 -0400

sounds like they are being filtered by the sniffer. check the filter rules to make sure you're not filtering UDP, TCP, or any others you that would like to capture 

-- 

Get your free email from www.linuxmail.org 

Powered by Outblaze

Relevant Pages

  • Re: OUTBOUND FILTERING AND BIT TORRENT bitlord
    ... This just means that you can't refer to the TCP states in your ruleset. ... I wonder why you even limited outbound connections. ... i see that traffic to peers listening on other TCP ports are blocked ... i increase thse scope of my filter to allow TCP 1000-65535 and i get ...
    (comp.security.firewalls)
  • Re: Compress and send video problem
    ... I'll try to implement this filter... ... but able to stream the data through TCP instead of writing to ... >>with high quality, so we have to wait for the whole compression, ... >>hook, but the manner directshow writes to the disk, makes the hook not ...
    (microsoft.public.win32.programmer.directx.video)
  • Re: TCP Dump Filters
    ... but can you FILTER on the contents of the payload? ... > would be a major drawback in the use of TCPdump as an IDS engine. ... To only look inside of the TCP segment. ...
    (Focus-IDS)
  • Re: Simple IPSEC filter
    ... Try a rule with a permit filter action that includes a mirrored filter entry ... destination port 25, source port - any. ... No protocol restrictions. ... > A simple filter like the address filters above that adds port 25 TCP ...
    (microsoft.public.windows.server.networking)
  • Re: Port 135
    ... >Untick the field "Mirrored" in the filter. ... I should be able to block ALL incoming TCP, ... IPSec settings, I can't do that with IPSec. ...
    (comp.security.firewalls)