On 16.07.2010 13:11, shivanic wrote:
Hello Rainer,
Regarding the solution proposed to sniff for packet movement - what tool was
used for this purpose.
(wireshark is one of the tools used generally )
Wirshark or tcpdump. Both use libpcap format for the raw packet capture.
So you can e.g. sniff using the commandline tool tcpdump which will be
simpler to use on the server, and then have a look at the data using
wireshark. If you are familar with tcdump, you can do the analysis also
using only tcpdump, if you need a GUI to suppot you in doing the
analysis, wireshark is helpful.
Rainer Jung-3 wrote:
Checking the MAC addresses revealed, those packets were not coming rom
the browser,
but instead from some other network security device. Thi device decided
the traffic was malicious and send a reset packet. The traffic was not
going through the device, it simply sniffed the LAN traffic and inserted
a reset packet when it thought it would help security ...
Regards,
Rainer
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
For additional commands, e-mail: users-h...@tomcat.apache.org
