Overview There are quite lot of Gigabit Taps on the market right now and they all work more or less the same way (see Why I like using a tap even behind a mirror port). But there is one different model series available (at least as far as I know) the ProfiShark Taps from Profitap. They are different because theyRead more
If you have a probelm in your network, you can send me a trace to my email address and I will have a look to it. email@example.comRead more
IPv4 – Basics – Part 1: DHCP (Dynamic Host Configuration Protocol) Today I will start a small series, which will cover some basic behaviour of the IPv4 protocol suite and is meant for reimagine and a little bit baselining. I will start the series with the Dynamic Host Confirguration Protocol (DHCP). History: In the Classless Inter Domain Routing (CIDR) environmentRead more
In some cases it could be interesting, that I am able to limit my port speed. For example if I want to summarize my traffic on an uplink. It could be better to have the end devices configured with 100 MBit/s so that 10 end device can use a 1 GBit/s uplink without any problems. So a way to archiveRead more
A few days ago I have read an answer about the Maximum Segment Size (MSS) at the Wireshark Q&A site.
The answer had shacked me up a little bit, because the author wrote that the MSS is not negotiated. First I had thought that I missed something big in my understanding of the Maximum Segment Size (MSS). But after a dive into the world of the RFCs I realized that I have just misinterpreted /mistranslated the authors statement.Read more
This article is meant as an HowTo and it will show a way how the WLAN capabilties of different WLAN devices could be dermined in an practical way.Read more
Some small issues in the actual Wireshark2.0rc1 image, had been reported. So I provide the download of theold Version 1.99.9 here.Read more
A normal day Today I wanted to investigate a phenomen with the Wireshark 2.0rc1 at MacOSX. For that kind of reason I started a local trace on my MacOS. So I did not expect to see any strange traffic due to the point of tracing. But in fact I saw more strange things than I had expected. I saw someRead more
This article describes what benefit you gain, if you attach a TAP behind a “Mirror Port”.Read more
The IP ID Field Today I want to tell something about the Identification Field of the IP Header often called the IP ID, it is a longer post than I have mentioned. I have posted a lot of RFC stuff here which you don´t need to read, because I will summarize it in this post. But I wanted to haveRead more
Today I have updated my knowledge about the Addresss Resolution Protocol and I figured out some interesting things about Gratious ARP behaviour, which I want to share with you.Read more
The number of Graphical User Interfaces (GUI) which are using HTTP as the application protocol is still growing up. And each single website of these applications has often a complex dynamical content. So the “End User Experience View” is getting more and more important, because for the above mentioned reasons it is not easy to realize if the whole content has been loaded with nothing more then a trace file and no deeper knowledge of the application.Read more
Strange Packet discards In the last time I encountered to a strange problem. The following components have been involved: Win2008 R2 servers with VMXNET3 Adapters. Used VMware configuration vCenter Server 5.1.0a ESXi 5.1 Patch 1 Looking at “netstat -e” shows the following strange output. The discard counters for for send and receive side were growing and had also the sameRead more
Short WLAN history Have you ever wondered why different WLAN devices which are each compatible with the 802.11ac standard support nevertheless different data rates. Well I wrote this article to give an answer to this question. To do this it is the best to start with the beginning of WLANs. The beginning of WLAN technology A WLAN is an IEEERead more
Cyber Attack at “Deutscher Bundestag”
While I have been writing my new article about WLAN basics I read an article about the hacker attack at the “Deutscher Bundestag”.
The interesting thing about this attack is, that it seems to be a full hit.
Obviously they are totally compromised, because they lost the last bastion the admin rights of their network. So this is one of the most fatal error you can have. This article inspired me to a personal memory about the history of it security.
Wireshark 1.99 – A short lightly emotional article article about the great new features in Wireshark 1.99Read more
CRWinNetDiag: An Article about the small command line tool CRWinNetDiag which collects the relevant network information and configuration of a windows system without the need of priviliged rights.Read more
Hello World! I will talk today about the weather and how fine it is.Read more