|Is there any way to filter Hadoop packets when network traffic sniffing?|
I'm not sure which Hadoop distribution you're using, or which packet
sniffer, but you should be able to take a couple of different approaches
Assuming, you're using the default ports for Hadoop services, you should be
able to key on the destination port for NameNode and DataNode traffic, as
well as JobTracker/TaskTracker. This link is published by Cloudera, but
they use the same default ports as Hortonworks or any other Apache Hadoop
distribution, so the information should be applicable to your use case.
Also, Wireshark appears to have an HDFS protocol dissector, meaning it
should be one of the types it can handle out of the box. If you're not
familiar with Wireshark as network packet analyzer, I suggest you check it
Hope this is helpful - good luck!
|Meteor ports used (seems to be blocked by wireless network)|
It sounds a bit like the websocket bit of the connection isn't connecting
through. In meteor there are two connections, one static containing the
html, images and js (which looks like its working) and the other via
websockets which handles the data & live updates.
error, in which case it tries to drop to long polling, which takes quite a
It might be something like a proxy which is troubling you. I've run into
this without a HTTP proxy but a invisible socks proxy too (via iptables).
You could check quickly too by checking Meteor.status() which would
indicate its 'waiting' if the above is the case.
|How to configure ASP.NET project to be accessible via local wireless network?|
Short answer, change from 'localhost' to '0.0.0.0'. That's probably all you
the port is open through your firewall, if you have one turned on.
you can ping other devices on the wifi network. Some wifi access points
restrict sending traffic from one node to another on the same wlan.
When you use localhost as the hostname it's resolved (through
system32/drivers/etc) to 127.0.0.1.
The network card is designed to restrict access from anywhere else to that
ip address, so you will need to choose a different IP address to bind to.
You could choose the actual IP address for your machine, but that may
change over time.
The special IP address, 0.0.0.0, means bind to all interfaces on the
|Wireless tools: Converting network essid to char|
It's a completely different problem to the one you think you have. What's
happening is that you never initialize result, so this:
network = result->b.essid;
is just going to give you garbage, and this:
result = result->next;
will likely give you an infinite loop.
You should probably turn up the warning level on your compiler, and/or look
into tools like splint and Valgrind.
|Intercepting webpage requests through Wireless Hosted Network|
You will need to set up your own DNS server for this to work. The problem
is that your laptop makes a DNS query for google.com and receives an IP
which points to Google's servers and not yours.
Or, if there is only a few sites you want to redirect - add entries for
them in your hosts file.
|Android ksoap connection timed out when using more than one device on same wireless network :(|
Turns out ksoap2 works well, and my code works well.
After tracing ksoap call method, and sniffing html traffic I found out
that, sometimes, server doesn't respond on my requests. This happens
because server configuration was changed and now, when there are a lot of
requests from the same IP address, server treats some of them as
retransmission and ignores them. This problem has to be solved on server
|Android mobile not detecting wireless network created on my laptop|
Ad Hoc networks are not supported natively by Android devices, unless you
get your device rooted and make some tricks in the underlying linux system.
There are a lot of pages talking about that:
You can try this at your risk:
|Send and receive info between windows and android through wireless network|
You need to create Web Services and call them from your android app. Please
have a look at this link which will give you information on calling
webservices in android how to call RESTful web service from android?
|Wireless-tools for linux to scan for wireless devices without them being connected|
The following tools are available
Adding another Answer:
You can use the following command also
iwlist wlan0 scanning
It gives lot of information about all the wireless networks available in
your range... the sample output is also given here
wlan0 Scan completed :
Cell 01 - Address: 00:1F:E6:00:48:12
Frequency:2.462 GHz (Channel 11)
Quality=28/70 Signal level=-82 dBm
Bit Rates:1 Mb/s; 2 Mb/s; 5.5 Mb/s; 11 Mb/s; 18 Mb/s
24 Mb/s; 36 Mb/s; 54 Mb/s
Bit Rates:6 Mb/s; 9 Mb/s; 12 Mb/s; 48 Mb/s
|Setting up local ip over wireless network to create a local server on Ubuntu|
Just add this to your normal runserver command:
python manage.py runserver 0.0.0.0:8000
Then others on your local network can access it through:
|"tcpdump -w 1.pcap" works, but "tcpdump -C 100 -w 1.pcap" - permission denied|
I experienced similar problems when I tried to read from file, like
tcpdump -r example.cap 'icmp[icmptype] = icmp-echo'
For me AppArmor caused the problem I had to switch from 'enforcement' mode
to 'complain' mode on 'tcpdump'. Run the following command as root:
|Audio sniffing in python?|
PyAudio is a good tool for audio manipulation in Python. This person:
record output sound in python was able to record sound output from their
computer with PyAudio without access to the original file.
|What would cause parameter sniffing one one computer and not another?|
Assuming you mean that both machines were connecting to the same server
then there was probably a setting difference that caused the inappropriate
plan to not be shared between the two connections.
In order for a connection to reuse a previously cached plan quite a few
settings (plan cache keys) must be the same including ANSI_NULLS,
ARITHABORT, Language, DATEFIRST and default schema (if the query relys on
any implicit name resolution).
You can view these by looking at sys.dm_exec_plan_attributes (the ones
where is_cache_key=1 need to be the same between connections).
A full list of the attributes where is_cache_key=1 is
|Slow as a stored procedure, fast as a query - not parameter sniffing|
This was the solution:
CREATE TABLE #ListOfIDs (ID int)
insert into #ListOfIDs (ID) select ID from @ListOfIDs
CREATE TABLE #ListOfTwoIDs (FirstID int, SecondID int)
insert into #ListOfTwoIDs (FirstID, SecondID) select FirstID, SecondID from
I guess that the issue was with the table-types parameters, but I still
don't understand why and what...
|ping with tcpflow and tcpdump|
When I use tcpflow icmp and ping I have no answer
Uh... How about this: tcpflow captures data from TCP connections and ICMP
messages (e.g., pings & etc) are not part of TCP connections.
|tcpdump of udp packets containing data|
try the following:
tcpdump -i eth0 -X -v -s 1514 'udp[40:4] = 0x31323334'
Afaik, proto relop filters should match only the protocol you specify, -n
udp should not be needed.
|tcpdump to only print urls|
you can use scapy the sniff function and use regex or grep
tcpdump = sniff(count=5,filter="host 184.108.40.206",prn=lambda
change the filter for your filter text :)
or maybe you want to save the traffic and see it in wireshark
|tcpdump whitelist filter for UPnP|
It's not quite as simple as that. SSDP (the discovery protocol) uses port
1900 (and apparently in some cases 2869) but the actual UPnP service can be
on whatever port: SSDP is just a way to discover that port and other
details about the service.
See UPnP Device Architecture spec (pdf) for more details.
|Why doesn't tcpdump catch packet after specifying ip?|
OK, then it's an unfortunate consequence of the difficulty of handling VLAN
encapsulation in BPF. VLAN packets captured on a "raw" interface (that
supplies packets with their VLAN headers intact) aren't treated as IP
packets, they're treated as VLAN packets, so you need to do "vlan and" to
skip past the VLAN header.
|Capture LLDP packets using tcpdump|
tcpdump -w test.pcap -i eth0 ether proto 0x88cc
The Ethernet type for LLDP is 0x88cc, so the filter to see only LLDP
packets is ether proto 0x88cc.
-v (or -vv, or -vvv, or...) and -w don't go together. -w means "write the
raw packets to the file, and don't print anything"; -v means "print
verbosely". If you combine "don't print anything" and "print verbosely",
"don't print anything" takes precedence, so nothing is printed, verbosely
|killing tcpdump without corrupting the capture|
OK, so the issue turns out to be a race condition:
That tells tcpdump to exit gracefully, and one of the things it does in
there is write out statistics about the capture (i.e. how many packets). I
noticed that if I put a print statement right after that kill, sometimes it
showed up before the statistics, sometimes after. So the solution is to
wait until tcpdump is done before continuing on to the next command that
processes the output from tcpdump:
system('tshark -r dumpcapfile ...')
|Handling tcpdump output in python|
By default, pipes are block buffered and interactive output is line
buffered. It sounds like you need a line buffered pipe - coming from
tcpdump in a subprocess.
In the old days, we'd recommend Dan Bernstein's "pty" program for this kind
of thing. Today, it appears that pty hasn't been updated in a long time,
but there's a new program called "emtpy" which is more or less the same
You might try running tcpdump under empty in your subprocess to make
tcpdump line buffered even though it's writing to a pipe.
|SSRS Report takes longer than query; tried parameter sniffing & nolock fixes|
Per the comment request by Martin Smith above, the answer to this
particular issue was to recognize there were subreports running within the
problem report that were themselves causing the slowness. This wasn't
readily obvious simply reviewing the query being run in SSMS. So be more
observant than I was and make sure you know the full composition of the
|tcpdump can't pick up mobile device traffic|
The problem lay not with tcpdump (or wireshark -which I tried later). The
problem is that the device I was using, was not really up to the task. The
device in question Edimax EW-7811Un, which has a realtek chipset, just
can't handle all that much - I think it was a bit naive of me to expect
such a tiny little chipset to perform the heavy packet sniffing I wanted it
I run the command from my question on my atheros chipset on my laptop, not
only could I pick up the mobile devices, but the granularity was excellent.
|Does Sql Server 2014's "Hekaton" compiled stored procedures address parameter sniffing issues?|
As far as I know when you create "native" stored procedure it will be
compiled to the native code immediately and it will not go through Query
Optimizer. So I don't think "parameter sniffing" issue will be an issue.
|tcpdump returns 0 packets captured, received and dropped|
tcpdump is the right tool to dump ip packets. But if your openstack
security group rules blocks ICMP, 0 ICMP packets are expected.
I just want to understand what do you mean by "cannot connect to the
virtual machines at all". ping command doesn't work? or other protocol like
ssh or HTTP.
Generally the first common problem when connecting to OpenStack VM is the
security group rules. the default one disallow ICMP protocol. You can run
the following command to see the rules:
nova secgroup-list: it usually returns a default one
nova secgroup-rules-list default: it will show the defined rules. where
there must be at least one rule to allow ICMP protocol.
Here's the official doc to tell how to add rules allowing ICMP and SSH.
|tcpdump PCAP file format payload bytes|
In fact it generates lines that mention "tsft 1.0 Mb/s 2452 MHz 11g -78dB
signal -91dB noise antenna 0 Beacon".
What's wrong with that? It's dissecting radiotap headers in exactly the
fashion it should.
You captured with the -I flag, meaning you captured in monitor mode. By
default, on OS X (and, in most cases on Linux and *BSD), that captures with
radiotap headers, giving radio-layer meta-data.
A pcap file has a "linktype" value in the file header; a pcap-ng file has a
"linktype" value in each Interface Description Block for each network
interface on which traffic was captured. Those values are described on the
link-layer header types page of the tcpdump.org Web site. Your capture
probably has a link-layer header type value of 127, which is
LINKTYPE_IEEE802_11_RADIOTAP, and the
|tcpdump monitor mode on OS X does not show other machine's packets|
If you capture in monitor mode on a protected (WEP or WPA/WPA2) network:
filters used when capturing that apply above the link layer, such as host
192.168.1.102, will not work, because the filter will be used with
unless the program reading the capture can decrypt the packets, they will
just show up as 802.11 Data packets, not as, for example,
tcpdump doesn't support decryption of encrypted 802.11 packets. Wireshark
does, but, as the Wireshark "how to decrypt 802.11" page indicates, you
need to supply the password for the network, you must either be using WEP
or be using WPA/WPA2 Personal/Pre-Shared Key mode (WPA/WPA2
Enterprise/802.1X mode isn't supported) and, for WPA/WPA2, you must have,
for any machine whose traffic is to be decryp
|Tcpdump - pcap - Cannot sniff packets on port 5984|
If the packets are going from your Mac to the same Mac - for example, if
you're communicating with "localhost" or 127.0.0.1 (which are the same
thing - "localhost" resolves to 127.0.0.1), capture on lo0, not on en0 or
en1. Traffic to 127.0.0.1 doesn't get sent on any real network, it gets
looped back internally to your machine, so you have to look on the
"loopback" network and the "loopback" interface for it.
(Similar answers apply for other UN*Xes, except that on Linux, the loopback
interface is called just lo, not lo0. There's no equivalent on Windows,
and on some versions of UN*X, such as Solaris 10 and earlier, you can't
capture on the loopback interface.)
|TCPDump / libpcap - find memory location of payload data|
Given the above information.. how can I properly locate the packet's
For DLT_NULL, your program should extract the first 4 bytes of the packet
data as a 32-bit number. If you're doing a live capture, you can extract
it in the host's byte order and compare it against your OS's values of
AF_INET and AF_INET6 (if it has an AF_INET6 definition; these days, most
current OS versions should, as they should support IPv6); if you're reading
a capture file, you'd need to byte-swap the value if pcap_is_swapped()
returns a non-zero value (you can also use it for live captures; it always
returns zero for live captures), and you'll need to compare against several
different "IPv6" values (24, 28, and 30), each of which mean "IPv6" on some
particular OS (fortunately, AF_INET is 2 o
|Detecting if a mouse is wireless|
start here: http://www.ibm.com/developerworks/library/j-usb/index.html[^]
read on here:
and then check out this project: http://jusb.sourceforge.net/[^]
These might help to get a little close to extract the specification of a
hardware. I dont know if it can check whether a hardware is wireless or
not, as the computer has nothing to do with it..
|adb device offline with ADB wireless|
Disconnect adb over wifi, connect your phone with a USB-cable to your pc.
It will ask you on your phone is you want to allow the connection. Tick
always allow. You will only get this when you connect with USB and have to
do this only once, you can use over wifi afterwards.
Don't get the pop-up? Try the answers on google over a cable, since you
need to do this first.
|Arduino wireless and Node.js|
While the monitor is running no other program can read the serial port.
In case you do not open both at the same time then things are more tricky.
My suggestion would be to spy on the wire. That is: install Wireshark and
have a look at the data on the serial connection / USB bus.
You might also want to check how the serial port of the APC220 and the
Arduino differ with regard to their serial/USB converters. Another idea
would be to analyze this issue under Linux since may allow more insights
into the low-level differences of the chip sets / USB activity. Of course
if you do not have Linux experience this is hard to do, but maybe you know
some Linux enthusiasts.
|why ip address differs when wireless is off?|
.An IP address is the address of a network adapter within a specific local
It will be different when connected to different networks.
When not connected to any network, it will either be a link-local address
or an auto-configuration address.
You might want the MAC address, which is the hardware address of a single
network adapter and is not very likely to change.
|iPhone Wireless Ad Hoc App Distribution|
(Updated) Easiest Way:
I have found another way to distribute the ipa.
This website provide service to distribute you adhoc app (ipa).
To Distribute your app to other device your have to register those device
in your developer account.
To AdHoc distribution you need the devices UDID.... register those in
developer account and make a AdHoc profile and sign your app using the
After that send the AdHoc profile and your app to the Users...
|How to reset system in wireless driver?|
As Basile says, kill() is a user space syscall, so you can't use it from a
kernel module. It's a crude way to accomplish what you are trying to do
anyways. Unless you have a reason to use emergency_restart() over
kernel_restart() I would use the latter. The options you have can be found
BTW, this is opening a security hole in your system. Since the driver is
interpreting the data packet to determine if it is time to restart, there
the OS cannot help to determine if that source has authority to perform
such an action on your system. You may be better off with a user-space
daemon which is run with the appropriate permissions to reboot the
computer, and can act as an authentication agent and a reboot agent rather
than doing it in your driver.
|Wireless.h How do I print out the signal level?|
For future record, this was resolved from the comments, thanks to the
I simply needed to cast the unsigned int to a signed one and it was solved.
Changed the print line to this:
printf("Transmit power: %d ", (int8_t) result->stats.qual.level);
Now the values that looked like 178, 200 turned to -80, -69 etc!
The best you can do is to use
http://www.w3.org/TR/netinfo-api/#idl-def-Connection where avaliable.
Support is low, but it will help you decide what sort of connection the
If you actually want geolocation, just ask for it directly using
|Sending Message Using Wireless to GSM number|
A part of the application is that the administrator can send universal
notification to everyone registered to that application. How can i possibly
You can use Google Cloud Messaging for Android. It a service that allows
you to send data from your server to your users' Android-powered device,
and also to receive messages from devices on the same connection. You can
send messages( or notifications) to all the Android users of your app. Each
user would have a registrationId which would be unique for each user ( if
you register them). That ID can be used to send messages to all your app
P.s: By wireless I am assuming internet.
Browser errors and system tray icons will sufficiently indicate the state
of the wireless network to the user.
The way you describe your application indicates, to me, that you are doing
some kind of continuous AJAX-style querying that is frequently interrupted.
Rather than concentrating on underlying network connections, I recommend
taking a more business-level approach: If your application cannot maintain
a connection (or does not receive a response within a certain time limit),
simply notify the user that a connection could not be established (for
added robustness, keep retrying until it succeeds -- see, e.g. GMail's web
interface). The user will have other means to diagnose why - your
application should not and can not know the reason for the failure, your
application only knows that i