Hello kevin. use this:
sudo tcpdump -vv -XX -i eth0 port 3000 With -XX you can see the package . Yes kevin, we see redis take the password.check into the package with XX If the password is on the package, i think you must flush database, and use admin admin for login again Try this if the passwors exist. on Shell redis-cli FLUSHDB redis-cli FLUSHALL Regards. On Sat, Jul 26, 2014 at 11:54 PM, Kevin Neely <[email protected]> wrote: > Yup, redis is receiving the password, according to the monitor command. > > here are the results from monitoring redis: > > 1406411141.705469 [0 127.0.0.1:42104] "GET" "user.admin.password" > 1406411141.765239 [0 127.0.0.1:42104] "LPOP" "dns.toresolve" > 1406411142.173654 [0 127.0.0.1:42104] "LPOP" "dns.toresolve" > > > And here is the traffic dump. ktneely-laptop is the client and piglet is > the system running ntopng > > > ktneely@piglet:/tmp⟫ sudo tcpdump -vv -i eth0 port 3000 > tcpdump: listening on eth0, link-type EN10MB (Ethernet), capture size > 65535 byte > s > 14:48:35.216218 IP (tos 0x0, ttl 64, id 58957, offset 0, flags [DF], proto > TCP ( > 6), length 64) > ktneely-laptop.local.57828 > piglet.local.3000: Flags [S], cksum > 0xf21e (cor > rect), seq 812530630, win 65535, options [mss 1460,nop,wscale 4,nop,nop,TS > val 9 > 38422175 ecr 0,sackOK,eol], length 0 > 14:48:35.216266 IP (tos 0x0, ttl 64, id 0, offset 0, flags [DF], proto TCP > (6), > length 60) > piglet.local.3000 > ktneely-laptop.local.57828: Flags [S.], cksum > 0x83ae (in > correct -> 0xdcd4), seq 3250767805, ack 812530631, win 28960, options [mss > 1460, > sackOK,TS val 127083527 ecr 938422175,nop,wscale 7], length 0 > 14:48:35.395977 IP (tos 0x0, ttl 64, id 9524, offset 0, flags [DF], proto > TCP (6 > ), length 52) > ktneely-laptop.local.57828 > piglet.local.3000: Flags [.], cksum > 0x5ba4 (cor > rect), seq 1, ack 1, win 8235, options [nop,nop,TS val 938422417 ecr > 127083527], > length 0 > 14:48:35.396252 IP (tos 0x0, ttl 64, id 861, offset 0, flags [DF], proto > TCP (6) > , length 512) > ktneely-laptop.local.57828 > piglet.local.3000: Flags [P.], cksum > 0x02ce (co > rrect), seq 1:461, ack 1, win 8235, options [nop,nop,TS val 938422417 ecr > 127083 > 527], length 460 > 14:48:35.396280 IP (tos 0x0, ttl 64, id 58250, offset 0, flags [DF], proto > TCP ( > 6), length 52) > piglet.local.3000 > ktneely-laptop.local.57828: Flags [.], cksum > 0x83a6 (inc > orrect -> 0x78eb), seq 1, ack 461, win 235, options [nop,nop,TS val > 127083572 ec > r 938422417], length 0 > 14:48:35.396457 IP (tos 0x0, ttl 64, id 58251, offset 0, flags [DF], proto > TCP ( > 6), length 187) > piglet.local.3000 > ktneely-laptop.local.57828: Flags [P.], cksum > 0x842d (in > correct -> 0x2163), seq 1:136, ack 461, win 235, options [nop,nop,TS val > 1270835 > 72 ecr 938422417], length 135 > 14:48:35.396477 IP (tos 0x0, ttl 64, id 58252, offset 0, flags [DF], proto > TCP ( > 6), length 52) > piglet.local.3000 > ktneely-laptop.local.57828: Flags [F.], cksum > 0x83a6 (in > correct -> 0x7863), seq 136, ack 461, win 235, options [nop,nop,TS val > 127083572 > ecr 938422417], length 0 > 14:48:35.595580 IP (tos 0x0, ttl 64, id 46630, offset 0, flags [DF], proto > TCP ( > 6), length 52) > ktneely-laptop.local.57828 > piglet.local.3000: Flags [.], cksum > 0x586a (cor > rect), seq 461, ack 136, win 8227, options [nop,nop,TS val 938422611 ecr > 1270835 > 72], length 0 > 14:48:35.595602 IP (tos 0x0, ttl 64, id 15321, offset 0, flags [DF], proto > TCP ( > 6), length 52) > ktneely-laptop.local.57828 > piglet.local.3000: Flags [.], cksum > 0x5869 (cor > rect), seq 461, ack 137, win 8227, options [nop,nop,TS val 938422611 ecr > 1270835 > 72], length 0 > 14:48:35.596001 IP (tos 0x0, ttl 64, id 61499, offset 0, flags [DF], proto > TCP ( > 6), length 52) > ktneely-laptop.local.57828 > piglet.local.3000: Flags [F.], cksum > 0x5868 (co > rrect), seq 461, ack 137, win 8227, options [nop,nop,TS val 938422611 ecr > 127083 > 572], length 0 > 14:48:35.596026 IP (tos 0x0, ttl 64, id 52588, offset 0, flags [DF], proto > TCP ( > 6), length 52) > piglet.local.3000 > ktneely-laptop.local.57828: Flags [.], cksum > 0x776e (cor > rect), seq 137, ack 462, win 235, options [nop,nop,TS val 127083622 ecr > 93842261 > 1], length 0 > 14:48:35.622653 IP (tos 0x0, ttl 64, id 28558, offset 0, flags [DF], proto > TCP ( > 6), length 64) > ktneely-laptop.local.57829 > piglet.local.3000: Flags [S], cksum > 0xa25d (cor > rect), seq 325625536, win 65535, options [mss 1460,nop,wscale 4,nop,nop,TS > val 9 > 38422635 ecr 0,sackOK,eol], length 0 > 14:48:35.622698 IP (tos 0x0, ttl 64, id 0, offset 0, flags [DF], proto TCP > (6), > length 60) > piglet.local.3000 > ktneely-laptop.local.57829: Flags [S.], cksum > 0x83ae (in > correct -> 0x8e18), seq 23234227, ack 325625537, win 28960, options [mss > 1460,sa > ckOK,TS val 127083629 ecr 938422635,nop,wscale 7], length 0 > 14:48:35.878410 IP (tos 0x0, ttl 64, id 30807, offset 0, flags [DF], proto > TCP ( > 6), length 64) > ktneely-laptop.local.57830 > piglet.local.3000: Flags [S], cksum > 0x3db7 (cor > rect), seq 1625341172, win 65535, options [mss 1460,nop,wscale > 4,nop,nop,TS val > 938422884 ecr 0,sackOK,eol], length 0 > 14:48:35.878438 IP (tos 0x0, ttl 64, id 0, offset 0, flags [DF], proto TCP > (6), > length 60) > piglet.local.3000 > ktneely-laptop.local.57830: Flags [S.], cksum > 0x83ae (in > correct -> 0xf9a5), seq 1031764514, ack 1625341173, win 28960, options > [mss 1460 > ,sackOK,TS val 127083693 ecr 938422884,nop,wscale 7], length 0 > 14:48:35.997077 IP (tos 0x0, ttl 64, id 22302, offset 0, flags [DF], proto > TCP ( > 6), length 52) > ktneely-laptop.local.57829 > piglet.local.3000: Flags [.], cksum > 0x0c7f (cor > rect), seq 1, ack 1, win 8235, options [nop,nop,TS val 938422982 ecr > 127083629], > length 0 > 14:48:35.997141 IP (tos 0x0, ttl 64, id 15666, offset 0, flags [DF], proto > TCP ( > 6), length 409) > ktneely-laptop.local.57829 > piglet.local.3000: Flags [P.], cksum > 0x5a1b (co > rrect), seq 1:358, ack 1, win 8235, options [nop,nop,TS val 938422982 ecr > 127083 > 629], length 357 > 14:48:35.997165 IP (tos 0x0, ttl 64, id 41599, offset 0, flags [DF], proto > TCP ( > 6), length 52) > piglet.local.3000 > ktneely-laptop.local.57829: Flags [.], cksum > 0x83a6 (inc > orrect -> 0x29fc), seq 1, ack 358, win 235, options [nop,nop,TS val > 127083723 ec > r 938422982], length 0 > 14:48:35.997506 IP (tos 0x0, ttl 64, id 41600, offset 0, flags [DF], proto > TCP ( > 6), length 265) > piglet.local.3000 > ktneely-laptop.local.57829: Flags [P.], cksum > 0x847b (in > correct -> 0xd29c), seq 1:214, ack 358, win 235, options [nop,nop,TS val > 1270837 > 23 ecr 938422982], length 213 > 14:48:35.997599 IP (tos 0x0, ttl 64, id 41601, offset 0, flags [DF], proto > TCP ( > 6), length 1500) > piglet.local.3000 > ktneely-laptop.local.57829: Flags [.], cksum > 0x894e (inc > orrect -> 0x496c), seq 214:1662, ack 358, win 235, options [nop,nop,TS val > 12708 > 3723 ecr 938422982], length 1448 > 14:48:35.997683 IP (tos 0x0, ttl 64, id 41602, offset 0, flags [DF], proto > TCP ( > 6), length 1450) > piglet.local.3000 > ktneely-laptop.local.57829: Flags [FP.], cksum > 0x891c (i > ncorrect -> 0x4ba4), seq 1662:3060, ack 358, win 235, options [nop,nop,TS > val 12 > 7083723 ecr 938422982], length 1398 > 14:48:36.086741 IP (tos 0x0, ttl 64, id 42124, offset 0, flags [DF], proto > TCP ( > 6), length 52) > ktneely-laptop.local.57830 > piglet.local.3000: Flags [.], cksum > 0x7892 (cor > rect), seq 1, ack 1, win 8235, options [nop,nop,TS val 938423097 ecr > 127083693], > length 0 > 14:48:36.225476 IP (tos 0x0, ttl 64, id 41214, offset 0, flags [DF], proto > TCP ( > 6), length 52) > ktneely-laptop.local.57829 > piglet.local.3000: Flags [.], cksum > 0x08ee (cor > rect), seq 358, ack 214, win 8222, options [nop,nop,TS val 938423244 ecr > 1270837 > 23], length 0 > 14:48:36.267069 IP (tos 0x0, ttl 64, id 4835, offset 0, flags [DF], proto > TCP (6 > ), length 52) > ktneely-laptop.local.57829 > piglet.local.3000: Flags [.], cksum > 0xfe1b (cor > rect), seq 358, ack 3061, win 8104, options [nop,nop,TS val 938423285 ecr > 127083 > 723], length 0 > 14:48:36.267104 IP (tos 0x0, ttl 64, id 5568, offset 0, flags [DF], proto > TCP (6 > ), length 52) > piglet.local.3000 > ktneely-laptop.local.57829: Flags [.], cksum > 0x1701 (correct), seq 3061, ack 359, win 235, options [nop,nop,TS val > 127084077 ecr 938424426], length 0 > 14:48:41.084582 IP (tos 0x0, ttl 64, id 38586, offset 0, flags [DF], proto > TCP (6), length 52) > ktneely-laptop.local.57830 > piglet.local.3000: Flags [F.], cksum > 0x651a (correct), seq 1, ack 1, win 8235, options [nop,nop,TS val 938428080 > ecr 127083693], length 0 > 14:48:41.084673 IP (tos 0x0, ttl 64, id 24258, offset 0, flags [DF], proto > TCP (6), length 120) > piglet.local.3000 > ktneely-laptop.local.57830: Flags [P.], cksum > 0x83ea (incorrect -> 0x47a2), seq 1:69, ack 2, win 227, options [nop,nop,TS > val 127084995 ecr 938428080], length 68 > 14:48:41.084723 IP (tos 0x0, ttl 64, id 24259, offset 0, flags [DF], proto > TCP (6), length 100) > piglet.local.3000 > ktneely-laptop.local.57830: Flags [FP.], cksum > 0x83d6 (incorrect -> 0xbc73), seq 69:117, ack 2, win 227, options > [nop,nop,TS val 127084995 ecr 938428080], length 48 > 14:48:41.377999 IP (tos 0x0, ttl 64, id 20584, offset 0, flags [DF], proto > TCP (6), length 52) > ktneely-laptop.local.57830 > piglet.local.3000: Flags [.], cksum > 0x5ea3 (correct), seq 2, ack 69, win 8231, options [nop,nop,TS val > 938428369 ecr 127084995], length 0 > 14:48:41.378042 IP (tos 0x0, ttl 64, id 4240, offset 0, flags [DF], proto > TCP (6), length 52) > ktneely-laptop.local.57830 > piglet.local.3000: Flags [.], cksum > 0x5e75 (correct), seq 2, ack 118, win 8228, options [nop,nop,TS val > 938428369 ecr 127084995], length 0 > > > > > > On 07/24/2014 09:06 AM, Spider s wrote: > > Hello again, more easy for debug. > > Yo can use redis client and monitor, and check if password was send. > > Do this on shell > : > redis-cli > > monitor > > > Now go to the web and try login. > > You must see any similar to this: > > > 1406217237.542554 "LPOP" "dns.toresolve" > 1406217237.642430 "LPOP" "dns.toresolve" > 1406217238.542795 "LPOP" "dns.toresolve" > 1406217238.642616 "LPOP" "dns.toresolve" > 1406217238.697366 "GET" "user.admin.password" > > Now you can check if password was send to redis. > > > If not try reset complete database, if is corrupt you need flush. > > > > (from Shell) > > redis-cli FLUSHDB > redis-cli FLUSHALL > > > Remove redis-cli if you are into redis-cli. > > With this you lost all users from DB. > Let me know when you solve it. > Regards. > > > On Thu, Jul 24, 2014 at 5:41 PM, Spider s <[email protected]> > wrote: > >> Hello, kevin try this: >> >> >> tcpdump -i venet0:0 -vv -XX port 3000 >> >> Port 3000 if use default port. >> >> >> With this you can see all packets send to port 3000, and check if we >> send the password, or is a redis error. >> >> >> xx.xxx.xxx.xxx > vps.com.3000: Flags [P.], cksum 0xc8a1 (correct), seq >> 1:449, ack 1, win 4380, length 448 >> 0x0000: 0000 ffff 0000 0000 0000 0000 0000 0800 ................ >> 0x0010: 4500 01e8 4808 4000 6e06 87dd 5981 3cec [email protected] >> .<. >> 0x0020: 17ef 8cce 0a5e 0bb8 79df bce4 a162 b986 .....^..y....b.. >> 0x0030: 5018 111c c8a1 0000 504f 5354 202f 6175 P.......POST./au >> 0x0040: 7468 6f72 697a 652e 6874 6d6c 2048 5454 thorize.html.HTT >> 0x0050: 502f 312e 310d 0a41 6363 6570 743a 2074 P/1.1..Accept:.t >> 0x0060: 6578 742f 6874 6d6c 2c20 6170 706c 6963 ext/html,.applic >> 0x0070: 6174 696f 6e2f 7868 746d 6c2b 786d 6c2c ation/xhtml+xml, >> 0x0080: 202a 2f2a 0d0a 5265 6665 7265 723a 2068 .*/*..Referer:.h >> 0x0090: 7474 703a 2f2f 3233 2e32 3339 2e31 3430 ttp://23.239.140 >> 0x00a0: 2e32 3036 3a33 3030 302f 6c6f 6769 6e2e .206:3000/login. >> 0x00b0: 6874 6d6c 0d0a 4163 6365 7074 2d4c 616e html..Accept-Lan >> 0x00c0: 6775 6167 653a 2065 732d 4553 0d0a 5573 guage:.es-ES..Us >> 0x00d0: 6572 2d41 6765 6e74 3a20 4d6f 7a69 6c6c er-Agent:.Mozill >> 0x00e0: 612f 352e 3020 2857 696e 646f 7773 204e a/5.0.(Windows.N >> 0x00f0: 5420 362e 313b 2057 4f57 3634 3b20 5472 T.6.1;.WOW64;.Tr >> 0x0100: 6964 656e 742f 372e 303b 2072 763a 3131 ident/7.0;.rv:11 >> 0x0110: 2e30 2920 6c69 6b65 2047 6563 6b6f 0d0a .0).like.Gecko.. >> 0x0120: 436f 6e74 656e 742d 5479 7065 3a20 6170 Content-Type:.ap >> 0x0130: 706c 6963 6174 696f 6e2f 782d 7777 772d plication/x-www- >> 0x0140: 666f 726d 2d75 726c 656e 636f 6465 640d form-urlencoded. >> 0x0150: 0a41 6363 6570 742d 456e 636f 6469 6e67 .Accept-Encoding >> 0x0160: 3a20 677a 6970 2c20 6465 666c 6174 650d :.gzip,.deflate. >> 0x0170: 0a48 6f73 743a 2032 332e 3233 392e 3134 .Host:.23.239.14 >> 0x0180: 302e 3230 363a 3330 3030 0d0a 436f 6e74 0.206:3000..Cont >> 0x0190: 656e 742d 4c65 6e67 7468 3a20 3239 0d0a ent-Length:.29.. >> 0x01a0: 444e 543a 2031 0d0a 436f 6e6e 6563 7469 DNT:.1..Connecti >> 0x01b0: 6f6e 3a20 4b65 6570 2d41 6c69 7665 0d0a on:.Keep-Alive.. >> 0x01c0: 4361 6368 652d 436f 6e74 726f 6c3a 206e Cache-Control:.n >> 0x01d0: 6f2d 6361 6368 650d 0a0d 0a75 7365 723d o-cache....user= >> 0x01e0: 6164 6d69 6e26 7061 7373 776f 7264 3d70 admin&password=p >> 0x01f0: 6173 7361 646d 696e assadmin >> >> >> In this example you can see at end the (user and pass) is send. >> >> With tcpdump you can see a lot of data, but try search this. and you >> can check the password was sent (i use password passadmin for the example) >> >> Good luck, regards. >> >> >> On Thu, Jul 24, 2014 at 11:24 AM, Filippo Fontanelli <[email protected] >> > wrote: >> >>> Kevin, >>> >>> could you please give me the access to the system to check what’s >>> going on with the issue you have. >>> >>> Regards, >>> Filippo >>> >>> >>> On 24 Jul 2014, at 04:58, Kevin T. Neely <[email protected]> >>> wrote: >>> >>> I am also running the latest stable. I have tried the password reset >>> option as mentioned by Spider, to no avail. The system still ignores an >>> input password and remains at the web login screen. >>> >>> thanks for any help! >>> >>> >>> On Wed, Jul 23, 2014 at 12:41 AM, Guillaume CHARDIN < >>> [email protected]> wrote: >>> >>>> Hi Filippo, >>>> >>>> > Do you use SVN code? >>>> I do not use SVN code, i use the last stable : ntopng-1.1_6932. >>>> >>>> > Do you have an old installation (make install) of ntopng in your >>>> system? >>>> I do not have old install files, but still have source and compiled >>>> bin in my system in /$user/ntopng-1.1_6932 >>>> I always start ntopng with full path. >>>> >>>> I can give you access to remote server. I'll contact you in private for >>>> details. >>>> >>>> thanks for your help. >>>> >>>> 2014-07-23 9:31 GMT+02:00 Filippo Fontanelli <[email protected]>: >>>> > Guillaume >>>> > could you please give me the access to the system to check what’s >>>> going on with the issue you have. >>>> > >>>> >>>> > >>>> >>>> > >>>> > Filippo >>>> > >>>> > On 23 Jul 2014, at 09:27, Guillaume CHARDIN < >>>> [email protected]> wrote: >>>> > >>>> >> 2014-07-22 17:41 GMT+02:00 Spider s <[email protected]>: >>>> >>> redis-cli SET user.admin.password b281ec101ca19823d11b1c54a35e1412 >>>> >>> The pass is md5, now is "elpassquesea" >>>> >> I tried this but nothing change. >>>> >> >>>> >> >>>> >> After waiting a looooong time, username and password bow appears but >>>> >> with no CSS. I entered my admin account and right after it redirect >>>> to >>>> >> http://192.168.10.8:3000/authorize.html and a 404 error : >>>> >> Error 404: Not Found File not found >>>> >> on httpdocs, autorize.html does not exist but maybe it's handled by >>>> >> some urlrewrite or something like that. >>>> >> >>>> >> console Logs : >>>> >> [...] Purged 2/219 idle hosts >>>> >> 23/Jul/2014 09:19:15 [HTTPserver.cpp:257] [HTTP] / >>>> >> 23/Jul/2014 09:19:15 [HTTPserver.cpp:257] [HTTP] >>>> >> /bootstrap/css/bootstrap.min.css >>>> >> 23/Jul/2014 09:19:15 [HTTPserver.cpp:257] [HTTP] /js/d3.v2.min.js >>>> >> 23/Jul/2014 09:19:15 [HTTPserver.cpp:257] [HTTP] /js/rickshaw.min.js >>>> >> 23/Jul/2014 09:19:16 [NetworkInterface.cpp:390] Purged 6/324 idle >>>> flows >>>> >> 23/Jul/2014 09:19:16 [HTTPserver.cpp:257] [HTTP] /js/jquery.min.js >>>> >> 23/Jul/2014 09:19:16 [HTTPserver.cpp:257] [HTTP] /css/flags.css >>>> >> 23/Jul/2014 09:19:17 [NetworkInterface.cpp:390] Purged 6/353 idle >>>> flows >>>> >> 23/Jul/2014 09:19:17 [NetworkInterface.cpp:394] Purged 1/223 idle >>>> hosts >>>> >> 23/Jul/2014 09:19:18 [NetworkInterface.cpp:390] Purged 7/356 idle >>>> flows >>>> >> [....] >>>> >> >>>> >> -- >>>> >> Guillaume >>>> >> _______________________________________________ >>>> >> Ntop mailing list >>>> >> [email protected] >>>> >> http://listgateway.unipi.it/mailman/listinfo/ntop >>>> > >>>> > _______________________________________________ >>>> > Ntop mailing list >>>> > [email protected] >>>> > http://listgateway.unipi.it/mailman/listinfo/ntop >>>> >>>> >>>> >>>> -- >>>> Guillaume >>>> _______________________________________________ >>>> Ntop mailing list >>>> [email protected] >>>> http://listgateway.unipi.it/mailman/listinfo/ntop >>>> >>> >>> _______________________________________________ >>> Ntop mailing list >>> [email protected] >>> http://listgateway.unipi.it/mailman/listinfo/ntop >>> >>> >>> >>> _______________________________________________ >>> Ntop mailing list >>> [email protected] >>> http://listgateway.unipi.it/mailman/listinfo/ntop >>> >>> >> > > > _______________________________________________ > Ntop mailing > [email protected]http://listgateway.unipi.it/mailman/listinfo/ntop > > > > _______________________________________________ > Ntop mailing list > [email protected] > http://listgateway.unipi.it/mailman/listinfo/ntop > >
_______________________________________________ Ntop mailing list [email protected] http://listgateway.unipi.it/mailman/listinfo/ntop
