Re: [Dorset] Wireless Version of Wireshark; Android is Linux?

2011-11-20 Thread Peter Merchant
On Sun, 2011-11-20 at 13:15 +, John Carlyle-Clarke wrote:
> On 20/11/11 09:39, Peter Merchant wrote:
> >
> > Second, I want to know if it really is the tablet, so am considering
> > putting wireshark on the laptop. It looks like a standard package, but
> > though there is an 'Airpcap' driver for Windows versions, I don't know
> > whether it will work on wireless under linux.
> >
> 
> Yes, it works very well.  I've used it successfully. You may need to set 
> your wireless card to "monitor" mode to make it work, or you may find it 
> just works anyway.
> 
> In some ways, it's better than using it on a wire, because you see all 
> the network traffic.  If your network is encrypted, you can give 
> wireshark the key and it will decrypt packets on the fly too.
> 
> 
It does work very well. I have to run it as root in order to make the
capture device available, though there are instructions on how to set it
up differently so that an ordinary user can use it. Not instructions
that a relative newbie can follow though.

The tablet keeps asking "who's on 192.168.1.2-3-4-5" etc.   I am glad
that I have a very small subnet (255.255.255.248) or it would really
hammer the system. 

It's a higher level function, so needs more work. I'll try the netstat
command from the tablet, if it is supported. 

Peter



--
Next meeting:  Bournemouth, Tuesday 2011-12-06 20:00
Meets, Mailing list, IRC, LinkedIn, ...  http://dorset.lug.org.uk/
New thread on mailing list:  mailto:dorset@mailman.lug.org.uk
How to Report Bugs Effectively:  http://goo.gl/4Xue
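
Added example, not part of the original messages: one way to confirm from a capture which host is doing the "who's on 192.168.1.x" sweep Peter describes. It reads the text output of `tcpdump -n arp` and flags any sender that asks for at least half of the other usable addresses on the 255.255.255.248 subnet. The sample lines and the address 192.168.1.6 for the tablet are constructed.

```python
import ipaddress
import re
from collections import defaultdict

# Constructed sample in the text format printed by `tcpdump -n arp`.
# 192.168.1.6 stands in for the tablet; the thread does not give its address.
SAMPLE = """\
20:00:01.100000 ARP, Request who-has 192.168.1.2 tell 192.168.1.6, length 28
20:00:01.200000 ARP, Request who-has 192.168.1.3 tell 192.168.1.6, length 28
20:00:01.300000 ARP, Request who-has 192.168.1.4 tell 192.168.1.6, length 28
20:00:01.400000 ARP, Request who-has 192.168.1.5 tell 192.168.1.6, length 28
20:00:02.000000 ARP, Request who-has 192.168.1.1 tell 192.168.1.3, length 28
20:00:02.000100 ARP, Reply 192.168.1.1 is-at 00:11:22:33:44:55, length 28
20:00:03.100000 ARP, Request who-has 192.168.1.2 tell 192.168.1.6, length 28
"""

WHO_HAS = re.compile(r"ARP, Request who-has ([0-9.]+)(?: \([^)]*\))? tell ([0-9.]+)")


def arp_sweepers(lines, network, min_fraction=0.5):
    """Return {sender: (requests, distinct_targets)} for every host that asked
    for at least min_fraction of the other usable addresses in network."""
    usable = set(ipaddress.ip_network(network, strict=False).hosts())
    requests = defaultdict(int)
    targets = defaultdict(set)
    for line in lines:
        m = WHO_HAS.search(line)
        if not m:
            continue  # ARP replies and anything that is not a who-has request
        try:
            target, sender = (ipaddress.ip_address(g) for g in m.groups())
        except ValueError:
            continue  # malformed address in the capture text
        requests[sender] += 1
        if target in usable and target != sender:
            targets[sender].add(target)
    flagged = {}
    for sender, seen in targets.items():
        others = len(usable - {sender})
        if others and len(seen) / others >= min_fraction:
            flagged[str(sender)] = (requests[sender], len(seen))
    return flagged


if __name__ == "__main__":
    found = arp_sweepers(SAMPLE.splitlines(), "192.168.1.0/255.255.255.248")
    for host, (count, distinct) in found.items():
        print(f"{host}: {count} who-has requests for {distinct} distinct addresses")
```

A host that only resolves its gateway stays below the threshold; one that walks the subnet does not.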


Re: [Dorset] Wireless Version of Wireshark; Android is Linux?

2011-11-20 Thread John Carlyle-Clarke

On 20/11/11 09:39, Peter Merchant wrote:
> Second, I want to know if it really is the tablet, so am considering
> putting wireshark on the laptop. It looks like a standard package, but
> though there is an 'Airpcap' driver for Windows versions, I don't know
> whether it will work on wireless under linux.

Yes, it works very well.  I've used it successfully. You may need to set 
your wireless card to "monitor" mode to make it work, or you may find it 
just works anyway.

In some ways, it's better than using it on a wire, because you see all 
the network traffic.  If your network is encrypted, you can give 
wireshark the key and it will decrypt packets on the fly too.






Re: [Dorset] Wireless Version of Wireshark; Android is Linux?

2011-11-20 Thread Ralph Corderoy
Hi,

John Cooper wrote:
> netstat -aunp
> 
> udp 0  0 0.0.0.0:1900 0.0.0.0:* 26926/amarok

It may need a `sudo' to get the PID/process name at the end of the line.

Cheers, Ralph.



Re: [Dorset] Wireless Version of Wireshark; Android is Linux?

2011-11-20 Thread John Cooper

On 20/11/11 09:39, Peter Merchant wrote:
> First, As android is based on linux, can I ask a question about it here?
> My Android wireless tablet (Archos 70 @£99) seems to be doing UDP floods
> on to my router. Has anyone experienced similar?
>
> Second, I want to know if it really is the tablet, so am considering
> putting wireshark on the laptop. It looks like a standard package, but
> though there is an 'Airpcap' driver for Windows versions, I don't know
> whether it will work on wireless under linux.
>
> Does anyone have any experience of this?



LUGs are about promoting all things Linux and Android is now a major 
player. It probably will work fine under Android and wireless but have 
you tried running netstat as root to see what the tablet is doing?


netstat -aunp


udp        0      0 0.0.0.0:1900            0.0.0.0:*               26926/amarok
udp        0      0 192.168.1.108:49152     0.0.0.0:*               26926/amarok
udp        0      0 0.0.0.0:514             0.0.0.0:*               1155/rsyslogd
udp        0      0 192.168.122.1:53        0.0.0.0:*               2127/dnsmasq
udp        0      0 192.168.1.108:53        0.0.0.0:*               1633/named
udp        0      0 127.0.0.1:53            0.0.0.0:*               1633/named
udp        0      0 0.0.0.0:67              0.0.0.0:*               2127/dnsmasq


you can repeat for TCP

netstat -atnp

From the list you might be able to determine what process is causing 
them and turn it off/remove if not used.


John.
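
Added example, not part of the original messages: a small parser that groups the UDP sockets in `netstat -aunp` output by owning process, as suggested above, and separates out rows where netstat printed "-" instead of a PID (the case where Ralph's `sudo' is needed). The function names and the port 5353 row are constructed for illustration.

```python
from collections import defaultdict

# Constructed sample. The first four rows follow the listing in the post above;
# the last row (port 5353) is made up to show the "-" that netstat prints in
# the owner column when it is not run as root.
SAMPLE = """\
Proto Recv-Q Send-Q Local Address           Foreign Address  State  PID/Program name
udp        0      0 0.0.0.0:1900            0.0.0.0:*               26926/amarok
udp        0      0 192.168.1.108:49152     0.0.0.0:*               26926/amarok
udp        0      0 0.0.0.0:514             0.0.0.0:*               1155/rsyslogd
udp        0      0 127.0.0.1:53            0.0.0.0:*               1633/named
udp        0      0 0.0.0.0:5353            0.0.0.0:*               -
"""

WILDCARD = {"0.0.0.0", "::"}  # bound on every interface


def udp_sockets_by_owner(text):
    """Return (owned, unattributed): owned maps "pid/program" to a sorted list
    of (local_address, port); unattributed lists sockets with no visible owner."""
    owned = defaultdict(list)
    unattributed = []
    for line in text.splitlines():
        fields = line.split()
        if len(fields) < 6 or not fields[0].startswith("udp"):
            continue  # header, blank and non-UDP lines
        addr, _, port = fields[3].rpartition(":")
        if not port.isdigit():
            continue
        rest = fields[5:]
        # UDP rows normally have an empty State column; a connected socket
        # shows a state word (no "/") before the owner, so drop it.
        if rest[0] != "-" and "/" not in rest[0]:
            rest = rest[1:]
        owner = " ".join(rest) or "-"
        if owner == "-":
            unattributed.append((addr, int(port)))
        else:
            owned[owner].append((addr, int(port)))
    return {k: sorted(v) for k, v in owned.items()}, sorted(unattributed)


def wildcard_listeners(owned):
    """Owners with at least one socket bound to every interface."""
    return sorted(o for o, socks in owned.items()
                  if any(addr in WILDCARD for addr, _ in socks))
```

Any entry in the unattributed list means the listing should be taken again as root before drawing conclusions about which process to turn off.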


Re: [Dorset] Wireless Version of Wireshark; Android is Linux?

2011-11-20 Thread Natalie

On 20/11/11 09:39, Peter Merchant wrote:
> First, As android is based on linux, can I ask a question about it here?
> My Android wireless tablet (Archos 70 @£99) seems to be doing UDP floods
> on to my router. Has anyone experienced similar?

A few people seem to be experiencing issues with Archos tablets constantly 
scanning ports, maybe this is related? 
http://forum.archosfans.com/viewtopic.php?f=63&p=319145 
(I'm not too knowledgeable about networking in general so apologies if 
this isn't related at all).

> Second, I want to know if it really is the tablet, so am considering
> putting wireshark on the laptop. It looks like a standard package, but
> though there is an 'Airpcap' driver for Windows versions, I don't know
> whether it will work on wireless under linux.
>
> Does anyone have any experience of this?
>
> Peter M.



[Dorset] Wireless Version of Wireshark; Android is Linux?

2011-11-20 Thread Peter Merchant
First, As android is based on linux, can I ask a question about it here?
My Android wireless tablet (Archos 70 @£99) seems to be doing UDP floods
on to my router. Has anyone experienced similar? 

Second, I want to know if it really is the tablet, so am considering
putting wireshark on the laptop. It looks like a standard package, but
though there is an 'Airpcap' driver for Windows versions, I don't know
whether it will work on wireless under linux.

Does anyone have any experience of this? 

Peter M.

