Packet Captures: Difference between revisions
Content added Content deleted
m (→Advanced Packet Filtering: m) |
|||
(8 intermediate revisions by the same user not shown) | |||
Line 64:
|-
|[[Media:OSPF_LSA_types.cap|OSPF LSAs]] || ||[[OSPF]]
|-▼
|[[Media:OSPF_LSA_Route_Add_Delete.cap|OSPF LSA Route Add Delete]] || Add - #101; Delete - #130 ||[[OSPF]]
|-
|[[Media:Ospf over gre tunnel.cap|OSPF over GRE Tunnel]] || ||[[OSPF]]
Line 115 ⟶ 117:
|}
==
{| class="wikitable"
|-▼
!Packet Type !! Description !! Page Link
|-▼
|[[Media:http.cap|HTTP]] || Sack Used ||[[HTTP]]▼
|-▼
|[[Media:SSL.cap|SSL]], [[Media:Key.zip|Key]] || Sack Used ||[[SSL]]
|}
== TCP/IP ==
Line 122 ⟶ 135:
!Packet Type !! Description !! Page Link
|-
|[[Media:TCP SACK.cap|TCP SACK]] || SACK(frame #31), Timestamp, WSF ||[[TCP/IP#TCP_SACK|TCP/IP]]
|-
|[[Media:Tracert.pcap|Traceroute]] || || [[ICMP#Traceroute|Traceroute]]▼
|-
|[[Media:Path MTU discovery.cap|Path MTU]] ||Fragmentation Needed message in packet #6 || [[ICMP#Path_MTU_Discovery|Path MTU Discovery]]▼
|-
|[[Media:IPv6.pcap|IPv6]] || ||▼
|-
|[[Media:ICMP.pcap|ICMP]] || || [[ICMP]]
|}
== Misc Captures ==
{| class="wikitable"
|-
!Packet Type !! Description !! Page Link
|-
|[[Media:Smtp.pcap|Smtp]] || ||
Line 131 ⟶ 162:
|-
|[[Media:Portscan.pcap|Port Scan]] || ||
▲|-
▲|[[Media:Tracert.pcap|Traceroute]] || || [[ICMP#Traceroute|Traceroute]]
▲|-
▲|[[Media:Path MTU discovery.cap|Path MTU]] ||Fragmentation Needed message in packet #6 || [[ICMP#Path_MTU_Discovery|Path MTU Discovery]]
▲|-
▲|[[Media:http.cap|HTTP]] || Sack Used ||[[HTTP]]
|-
|[[Media:Nat.pcap|NAT]] ||Ping Packet with & without NAT ||
Line 166 ⟶ 191:
|[[Media:Hsrp-and-ospf-in-LAN.pcap|Hsrp-and-ospf-in-LAN]] || ||
|-
|[[Media:RADIUS2.cap|RADIUS2]] || Using Access-Challenge (EAP) ||
|-
|[[Media:SSHv2.cap|SSHv2]] || ||
Line 173 ⟶ 198:
|-
|[[Media:Bittorrent.pcap|Bittorrent]] || ||
▲|-
▲|[[Media:IPv6.pcap|IPv6]] || ||
|-
|[[Media:Vnc-sample.pcap|Vnc-sample]] || ||
|
Latest revision as of 13:58, 6 October 2019
Various Pcap files for studies are as follows:
PCAP files
Common packet captures files used across the site and for studies are below:
VPN Captures
Packet Type | Description | Page Link |
---|---|---|
ScreenOS Site to Site VPN | Main Mode VPN negotiations (FW1 is Responder; FW2 is Initiator) | VPN Lab, Debug |
Dialup VPN | Aggressive mode Dailup VPN | VPN Lab, Debug |
Aggressive Mode VPN | ||
Dailup Xauth IP VPN | Aggressive mode Dailup VPN with XAuth IP Assignment | VPN Lab, Debug |
Dailup Xauth IP VPN | Aggressive mode Dailup VPN with XAuth User login | VPN Lab, Debug |
NAT Traversal | NAT Traversal on Cisco Routers | VPN Lab, Debug |
Manual Key VPN | Manual Key or Static VPN captures | Manual Key VPN |
FTP-TFTP
Packet Type | Description | Page Link |
---|---|---|
Active Mode FTP | FTP in Active Mode | Active FTP |
Passive Mode FTP | FTP in Passive Mode | Passive FTP |
TFTP RRQ | TFTP Read Request | TFTP |
TFTP WRQ | TFTP Write Request | TFTP |
Routing Protocols
Packet Type | Description | Page Link |
---|---|---|
BGP | BGP | |
eBGP | BGP | |
BGP Notification | BGP | |
BGP MD5 | BGP | |
OSPF | OSPF | |
OSPF MD5 | OSPF | |
OSPF LSAs | OSPF | |
OSPF LSA Route Add Delete | Add - #101; Delete - #130 | OSPF |
OSPF over GRE Tunnel | OSPF | |
EIGRP Neighbors | EIGRP | |
EIGRP adjacency | EIGRP | |
EIGRP goodbye | EIGRP | |
EIGRPv2 adjacency | EIGRP | |
RIPv1 | ||
RIPv2 |
ARP
Packet Type | Description | Page Link |
---|---|---|
ARP | ARP | |
ARP Storm | ARP | |
Gratuitous ARP | ARP | |
Gratuitous ARP HSRP | ARP | |
RARP Request | ARP |
DNS-DHCP
Packet Type | Description | Page Link |
---|---|---|
DNS Capture | Contains TXT, MX, LOC, PTR, A, AAAA, Any, NS, SRV queries | DNS |
DHCP | All packets broadcast implementation | DHCP |
DHCP 2 | Unicast packets implementation | DHCP |
DHCP Inter VLAN | DHCP | |
Dhcp-auth | DHCP |
HTTP - HTTPS
Packet Type | Description | Page Link |
---|---|---|
HTTP | Sack Used | HTTP |
SSL, Key | Sack Used | SSL |
TCP/IP
Packet Type | Description | Page Link |
---|---|---|
TCP SACK | SACK(frame #31), Timestamp, WSF | TCP/IP |
Traceroute | Traceroute | |
Path MTU | Fragmentation Needed message in packet #6 | Path MTU Discovery |
IPv6 | ||
ICMP | ICMP |
Misc Captures
Packet Type | Description | Page Link |
---|---|---|
Smtp | ||
Teardrop | ||
Telnet | ||
Port Scan | ||
NAT | Ping Packet with & without NAT | |
IP Fragmentation | ||
SNMP | ||
SIP | ||
GRE Encapsulated Ping | ||
RADIUS | ||
DTP | ||
Slammer Worm | ||
GLBP election | ||
HDLC | ||
HSRP | ||
HSRP election | ||
HSRP failover | ||
Hsrp-and-ospf-in-LAN | ||
RADIUS2 | Using Access-Challenge (EAP) | |
SSHv2 | ||
TACACS+ | ||
Bittorrent | ||
Vnc-sample | ||
Blaster Worm | ||
OS Fingerprinting | ||
STP | ||
MySQL |
{{#widget:DISQUS
|id=networkm
|uniqid=Packet Captures
|url=https://aman.awiki.org/wiki/Packet_Captures
}}