Packet Captures: Difference between revisions
m (→Advanced Packet Filtering: m) |
|||
(8 intermediate revisions by the same user not shown) | |||
Line 64: | Line 64: | ||
|- |
|- |
||
|[[Media:OSPF_LSA_types.cap|OSPF LSAs]] || ||[[OSPF]] |
|[[Media:OSPF_LSA_types.cap|OSPF LSAs]] || ||[[OSPF]] |
||
⚫ | |||
|[[Media:OSPF_LSA_Route_Add_Delete.cap|OSPF LSA Route Add Delete]] || Add - #101; Delete - #130 ||[[OSPF]] |
|||
|- |
|- |
||
|[[Media:Ospf over gre tunnel.cap|OSPF over GRE Tunnel]] || ||[[OSPF]] |
|[[Media:Ospf over gre tunnel.cap|OSPF over GRE Tunnel]] || ||[[OSPF]] |
||
Line 115: | Line 117: | ||
|} |
|} |
||
== |
== HTTP - HTTPS == |
||
{| class="wikitable" |
|||
⚫ | |||
!Packet Type !! Description !! Page Link |
|||
⚫ | |||
⚫ | |||
⚫ | |||
|[[Media:SSL.cap|SSL]], [[Media:Key.zip|Key]] || Sack Used ||[[SSL]] |
|||
|} |
|||
== TCP/IP == |
|||
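Review bot: the SSL/Key row added to the new HTTP - HTTPS table carries the description "Sack Used", which says nothing about the SSL session or about what Key.zip holds. Replace it with a description of the capture itself, and state what the archive contains and how it relates to SSL.cap.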
Line 122: | Line 135: | ||
!Packet Type !! Description !! Page Link |
!Packet Type !! Description !! Page Link |
||
|- |
|- |
||
|[[Media:TCP SACK.cap|TCP SACK]] || SACK(frame #31), Timestamp ||[[TCP/IP#TCP_SACK|TCP/IP]] |
|[[Media:TCP SACK.cap|TCP SACK]] || SACK(frame #31), Timestamp, WSF ||[[TCP/IP#TCP_SACK|TCP/IP]] |
||
|- |
|||
⚫ | |||
|- |
|||
⚫ | |||
|- |
|||
⚫ | |||
|- |
|||
|[[Media:ICMP.pcap|ICMP]] || || [[ICMP]] |
|||
|} |
|||
== Misc Captures == |
|||
{| class="wikitable" |
|||
|- |
|||
!Packet Type !! Description !! Page Link |
|||
|- |
|- |
||
|[[Media:Smtp.pcap|Smtp]] || || |
|[[Media:Smtp.pcap|Smtp]] || || |
||
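Review bot: on the TCP SACK row, "WSF" is appended to the description without expansion and without a frame reference, unlike "SACK(frame #31)" in the same cell. Spell the abbreviation out and give the frame where it can be seen. The ICMP row added in this hunk also has an empty Description cell that could say what the capture shows.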
Line 131: | Line 162: | ||
|- |
|- |
||
|[[Media:Portscan.pcap|Port Scan]] || || |
|[[Media:Portscan.pcap|Port Scan]] || || |
||
⚫ | |||
⚫ | |||
⚫ | |||
⚫ | |||
⚫ | |||
⚫ | |||
|- |
|- |
||
|[[Media:Nat.pcap|NAT]] ||Ping Packet with & without NAT || |
|[[Media:Nat.pcap|NAT]] ||Ping Packet with & without NAT || |
||
Line 166: | Line 191: | ||
|[[Media:Hsrp-and-ospf-in-LAN.pcap|Hsrp-and-ospf-in-LAN]] || || |
|[[Media:Hsrp-and-ospf-in-LAN.pcap|Hsrp-and-ospf-in-LAN]] || || |
||
|- |
|- |
||
|[[Media:RADIUS2.cap|RADIUS2]] || || |
|[[Media:RADIUS2.cap|RADIUS2]] || Using Access-Challenge (EAP) || |
||
|- |
|- |
||
|[[Media:SSHv2.cap|SSHv2]] || || |
|[[Media:SSHv2.cap|SSHv2]] || || |
||
Line 173: | Line 198: | ||
|- |
|- |
||
|[[Media:Bittorrent.pcap|Bittorrent]] || || |
|[[Media:Bittorrent.pcap|Bittorrent]] || || |
||
⚫ | |||
⚫ | |||
|- |
|- |
||
|[[Media:Vnc-sample.pcap|Vnc-sample]] || || |
|[[Media:Vnc-sample.pcap|Vnc-sample]] || || |
Latest revision as of 13:58, 6 October 2019
Various PCAP files for study are as follows:
PCAP files
Common packet capture files used across the site and for study are listed below:
VPN Captures
Packet Type | Description | Page Link |
---|---|---|
ScreenOS Site to Site VPN | Main Mode VPN negotiations (FW1 is Responder; FW2 is Initiator) | VPN Lab, Debug |
Dialup VPN | Aggressive mode Dialup VPN | VPN Lab, Debug |
Aggressive Mode VPN | | |
Dialup Xauth IP VPN | Aggressive mode Dialup VPN with XAuth IP Assignment | VPN Lab, Debug |
Dialup Xauth IP VPN | Aggressive mode Dialup VPN with XAuth User login | VPN Lab, Debug |
NAT Traversal | NAT Traversal on Cisco Routers | VPN Lab, Debug |
Manual Key VPN | Manual Key or Static VPN captures | Manual Key VPN |
FTP-TFTP
Packet Type | Description | Page Link |
---|---|---|
Active Mode FTP | FTP in Active Mode | Active FTP |
Passive Mode FTP | FTP in Passive Mode | Passive FTP |
TFTP RRQ | TFTP Read Request | TFTP |
TFTP WRQ | TFTP Write Request | TFTP |
Routing Protocols
Packet Type | Description | Page Link |
---|---|---|
BGP | | BGP |
eBGP | | BGP |
BGP Notification | | BGP |
BGP MD5 | | BGP |
OSPF | | OSPF |
OSPF MD5 | | OSPF |
OSPF LSAs | | OSPF |
OSPF LSA Route Add Delete | Add - #101; Delete - #130 | OSPF |
OSPF over GRE Tunnel | | OSPF |
EIGRP Neighbors | | EIGRP |
EIGRP adjacency | | EIGRP |
EIGRP goodbye | | EIGRP |
EIGRPv2 adjacency | | EIGRP |
RIPv1 | | |
RIPv2 | | |
ARP
Packet Type | Description | Page Link |
---|---|---|
ARP | | ARP |
ARP Storm | | ARP |
Gratuitous ARP | | ARP |
Gratuitous ARP HSRP | | ARP |
RARP Request | | ARP |
DNS-DHCP
Packet Type | Description | Page Link |
---|---|---|
DNS Capture | Contains TXT, MX, LOC, PTR, A, AAAA, Any, NS, SRV queries | DNS |
DHCP | All packets broadcast implementation | DHCP |
DHCP 2 | Unicast packets implementation | DHCP |
DHCP Inter VLAN | | DHCP |
Dhcp-auth | | DHCP |
HTTP - HTTPS
Packet Type | Description | Page Link |
---|---|---|
HTTP | Sack Used | HTTP |
SSL, Key | Sack Used | SSL |
TCP/IP
Packet Type | Description | Page Link |
---|---|---|
TCP SACK | SACK(frame #31), Timestamp, WSF | TCP/IP |
Traceroute | | Traceroute |
Path MTU | Fragmentation Needed message in packet #6 | Path MTU Discovery |
IPv6 | | |
ICMP | | ICMP |
Misc Captures
Packet Type | Description | Page Link |
---|---|---|
Smtp | | |
Teardrop | | |
Telnet | | |
Port Scan | | |
NAT | Ping Packet with & without NAT | |
IP Fragmentation | | |
SNMP | | |
SIP | | |
GRE Encapsulated Ping | | |
RADIUS | | |
DTP | | |
Slammer Worm | | |
GLBP election | | |
HDLC | | |
HSRP | | |
HSRP election | | |
HSRP failover | | |
Hsrp-and-ospf-in-LAN | | |
RADIUS2 | Using Access-Challenge (EAP) | |
SSHv2 | | |
TACACS+ | | |
Bittorrent | | |
Vnc-sample | | |
Blaster Worm | | |
OS Fingerprinting | | |
STP | | |
MySQL | | |