2022-03-21 08:20:22 +0000 | received badge | ● Popular Question (source) |
2022-03-21 08:20:22 +0000 | received badge | ● Notable Question (source) |
2021-08-05 14:12:32 +0000 | received badge | ● Famous Question (source) |
2021-08-05 14:12:32 +0000 | received badge | ● Notable Question (source) |
2021-08-05 14:12:32 +0000 | received badge | ● Popular Question (source) |
2020-09-10 13:12:23 +0000 | received badge | ● Famous Question (source) |
2020-09-10 13:12:23 +0000 | received badge | ● Notable Question (source) |
2020-09-10 13:12:23 +0000 | received badge | ● Popular Question (source) |
2020-06-11 11:28:20 +0000 | received badge | ● Taxonomist |
2018-09-05 12:24:37 +0000 | commented answer | NO-OP Ethernet Packet - Kind of Keep-Alive Probably! I will make(tomorrow) some tests and give you the feedback. |
2018-09-05 05:10:06 +0000 | asked a question | NO-OP Ethernet Packet - Kind of Keep-Alive NO-OP Ethernet Packet - Kind of Keep-Alive I'm looking for some type of Ethernet packet that does nothing! Some type of |
2018-06-22 21:36:34 +0000 | asked a question | Create Custom Statistics Output Create Custon Statistis Output I'm working on a project that is intended to analyse all the broadcast packets(Ex.: ARP, |
2018-04-30 00:54:02 +0000 | received badge | ● Self-Learner (source) |
2018-04-30 00:54:02 +0000 | received badge | ● Teacher (source) |
2018-04-30 00:53:57 +0000 | marked best answer | Identify QinQ (Vlan in Vlan) Without Knowing 2nd vlan I'm doing some captures an an Interface and Writing it to Files. In this interface I'm receiving two expected Vlans (2010, and 2020)... But I saw some hosts in the network sending QinQ vlans... I dicovered it whent I did a: tshark -r capture.pcap -Y "vlan.id == 2010"-o 'gui.column.format:"Mac-Source","%uhs","Vlan","%Cus:vlan.id"' Then i saw some packets, with other vlan tags then 2010:
And I want to create an expression to display-filter that only shows the packets with more then one Vlan Tags. I shure that only packest with first Vlan tags with 2010 and 2020 will come, but I cant precise any vlan ID that will appear on second vlan tag. Does anybody have any suggestion? |
2018-04-29 20:31:45 +0000 | commented answer | Identify QinQ (Vlan in Vlan) Without Knowing 2nd vlan That Correct! A friend mentioned about this possibility of some bad guy using a second tag exactly with the same tag of |
2018-04-29 18:34:27 +0000 | received badge | ● Rapid Responder (source) |
2018-04-29 18:34:27 +0000 | answered a question | Identify QinQ (Vlan in Vlan) Without Knowing 2nd vlan I Discovered how to do this filter! Here is and example! tshark -r capture.pcap -Y "(vlan.id == 2010 and vlan.id != 201 |
2018-04-29 18:06:07 +0000 | received badge | ● Editor (source) |
2018-04-29 18:06:07 +0000 | edited question | Identify QinQ (Vlan in Vlan) Without Knowing 2nd vlan Identify QinQ (Vlan in Vlan) Without Knowing 2nd vlan I'm doing some captures an an Interface and Writing it to Files. I |
2018-04-29 18:03:00 +0000 | asked a question | Identify QinQ (Vlan in Vlan) Without Knowing 2nd vlan Identify QinQ (Vlan in Vlan) Without Knowing 2nd vlan I'm doing some captures an an Interface and Writing it to Files. I |
2018-04-24 03:21:39 +0000 | received badge | ● Rapid Responder |
2018-04-24 03:21:39 +0000 | answered a question | Stream Capture to a host like Mikrotik - TZSP - UDP Encapsulated I found some mention to this on a 2009 post on the wireshark mail list, but following the tread i didn`t found any expla |
2018-04-24 03:19:43 +0000 | asked a question | Stream Capture to a host like Mikrotik - TZSP - UDP Encapsulated Stream Capture to a host like Mikrotik - TZSP - UDP Encapsulated How to do a capture packets with tcpdump and encapsula |