Ask Your Question

net_tech's profile - activity

2025-03-08 00:28:23 +0000 received badge  Popular Question (source)
2025-03-08 00:28:23 +0000 received badge  Famous Question (source)
2025-03-08 00:28:23 +0000 received badge  Notable Question (source)
2025-03-08 00:07:41 +0000 received badge  Rapid Responder (source)
2025-03-08 00:07:41 +0000 answered a question All IP's showing duplicates

It's impossible to confirm or deny your suspicion if you don't share your capture. Your description of what it looks lik

2025-03-02 00:02:59 +0000 received badge  Popular Question (source)
2025-03-02 00:01:30 +0000 received badge  Notable Question (source)
2025-03-02 00:01:30 +0000 received badge  Popular Question (source)
2025-03-01 21:58:10 +0000 edited question what is slowing down the restore?

what is slowing down the restore? Hi, Here is the first 15 seconds of a SQL database (500GB) restore from a physical Ru

2025-03-01 21:57:34 +0000 asked a question what is slowing down the restore?

what is slowing down the restore? Hi, Here is the first 15 seconds of the SQL database (500GB) restore from a physical

2025-02-23 17:04:42 +0000 commented answer Windows Server DNS response cut short

https://youtu.be/bo88q4JPOR0?si=5IhOOa0plkj_pIzA

2025-02-23 15:20:09 +0000 commented answer Windows Server DNS response cut short

it's needed for private endpoints, at least that is what was i was able to find here. https://learn.microsoft.com/en-us

2025-02-23 14:32:44 +0000 received badge  Teacher (source)
2025-02-23 14:32:44 +0000 received badge  Self-Learner (source)
2025-02-23 14:32:43 +0000 marked best answer Windows Server DNS response cut short

Hi

Looks like our internal DNS servers (W2019) are robbing clients of 257 bytes in DNS traffic. As a result, clients can't get to some of the websites where DNS answers exceed 176 bytes.

Is there a Windows server setting that limits DNS traffic to 176 bytes? We are not seeing this 176 bytes limit on other protocols.

image description

Thank you!

2025-02-23 02:49:51 +0000 answered a question Windows Server DNS response cut short

privatelink.azure-api.net zone was present on the internal DNS server for other reasons, but didn't have the CNAME recor

2025-02-23 02:49:51 +0000 received badge  Rapid Responder (source)
2025-02-22 18:23:17 +0000 commented question Windows Server DNS response cut short

Is this a CNAME chaining issue or CNAME chaining limit configured on the 172.21.59.11 windows server?

2025-02-22 17:16:44 +0000 commented question Windows Server DNS response cut short

@SYN-bit, No, Truncated flag is 0. = : Message is not truncated Someone asked for this behavior here -> https://s

2025-02-22 17:10:26 +0000 commented question Windows Server DNS response cut short

Someone asked for this behavior here -> https://serverfault.com/questions/1160057/bind9-limit-the-answer-rrs-in-a-sta

2025-02-22 16:58:26 +0000 commented question Windows Server DNS response cut short

Capture has been wranglered 97.205.219.232 is 1.1.1.1, 172.16.96.78 - Client, 172.21.59.11 - Server https://drive.go

2025-02-22 16:58:02 +0000 commented question Windows Server DNS response cut short

Capture has been wranglered 97.205.219.232 is 1.1.1.1 172.16.96.78 - Client 172.21.59.11 - Server https://drive.goog

2025-02-22 16:22:56 +0000 commented question Windows Server DNS response cut short

Here is a pcap from a good working environment. Server (192.168.20.5) gets a 433 byte response from 1.1.1.1 and responds

2025-02-22 16:22:26 +0000 commented question Windows Server DNS response cut short

Here is a pcap from a good working environment. Server (192.168.20.5) gets a 433 response from 1.1.1.1 and responds to t

2025-02-22 14:29:27 +0000 asked a question Windows Server DNS response cut short

highway robbery Hi Looks like our internal DNS servers (W2019) are robbing clients of 257 bytes in DNS traffic. As a re

2024-11-29 01:44:21 +0000 edited question NTLM decryption

NTLM decryption Hi, I have a capture of an ansible playbook running against a Windows server in a LAB. Ansible is confi

2024-11-29 01:40:19 +0000 asked a question NTLM decryption

NTLM decryption Hi, I have a capture of an ansible playbook running against a Windows server in a LAB. Ansible is confi

2024-10-16 02:38:23 +0000 commented question DNSSEC question

no, without dns name resolution policy in place on the client computers, there is no record security info in dns headers

2024-10-13 23:32:36 +0000 edited question DNSSEC question

DNSSEC question Hi, We are using DNSSEC on the internal network (Windows 2022 DNS server / 172.16.4.10). Recently I cam

2024-10-13 23:31:11 +0000 edited question DNSSEC question

DNSSEC question Hi, We are using DNSSEC on the internal network (Windows 2022 DNS server / 172.16.4.10). Recently I cam

2024-10-13 23:27:06 +0000 commented question DNSSEC question

the chrome extension is irrelevant, i only mentioned it to show that DNSSEC is enabled. I may have figured it out, AD t

2024-10-13 20:56:32 +0000 commented question DNSSEC question

it's ourdomain.local truncated to hide the identity

2024-10-13 18:44:03 +0000 edited question DNSSEC question

DNSSEC question Hi, We are using DNSSEC on the internal network (Windows 2022 DNS server / 172.16.4.10). Recently I cam

2024-10-13 18:41:46 +0000 asked a question DNSSEC question

DNSSEC question Hi, We are using DNSSEC on the internal network (Windows 2022 DNS server / 172.16.4.10). Recently I cam

2024-10-03 01:06:36 +0000 received badge  Enthusiast
2024-09-29 15:28:21 +0000 commented answer One way throughput problem

is MTU set to 9000 on both A and B hosts?

2024-09-28 22:46:11 +0000 commented answer One way throughput problem

you don't need to capture the payload, limit your capture buffer to be slightly larger than the packet header.

2024-09-28 22:41:02 +0000 commented question One way throughput problem

You are getting almost wirespeed when you are testing A->C (984Mbps) A Hardware: 11th Gen Intel(R) Core(TM) i5-113

2024-09-26 16:37:51 +0000 commented question How do I find the location from which a packet is being sent?

this would give you a general idea where it's from, but will not pinpoint the exact location https://wiki.wireshark.org/

2024-09-25 03:18:14 +0000 commented question One way throughput problem

yes, defaults are fine. -s for server -c for client

2024-09-23 10:40:10 +0000 commented question One way throughput problem

What Windows OS is being used on a server where HFS is installed / running? Can you also run iperf between hosts A and B

2024-09-22 21:04:23 +0000 received badge  Popular Question (source)
2024-09-22 20:54:51 +0000 commented question One way throughput problem

Upload_from_10.10.10.2-Capture_from_10.10.10.2.pcapng - 3 way handshake isn't captured Looks like this is the HTTP ser

2024-09-22 18:56:06 +0000 commented question One way throughput problem

hi If you plug in Host C in to the same switch where Host A is connected are you able to reproduce the problem? can you

2024-09-20 01:28:48 +0000 commented question Wireshark on Qualcomm Snapdragon X Elite or Plus ARM64 machines running Windows

Windows 11. Microsoft Surface Laptops

2024-09-17 02:03:04 +0000 asked a question arm64 and Wireshark

arm64 and Wireshark Hi, Looking at some new laptops with a Snapdragon CPU, is ARM64 installer a native Wireshark app fo

2024-09-17 02:02:59 +0000 asked a question Wireshark on Qualcomm Snapdragon X Elite or Plus ARM64 machines running Windows

arm64 and Wireshark Hi, Looking at some new laptops with a Snapdragon CPU, is ARM64 installer a native Wireshark app fo

2024-09-14 12:33:35 +0000 received badge  Popular Question (source)
2024-08-21 01:07:52 +0000 commented question unidirectional slowness

this was the case where wireshark was showing the results of OS tweaks but not pinpointing to what exactly was changed.

2024-08-18 01:06:11 +0000 received badge  Famous Question (source)