FIREWALL vs PACKET Sniffer [closed] - firewall

Closed. This question does not meet Stack Overflow guidelines. It is not currently accepting answers.
This question does not appear to be about a specific programming problem, a software algorithm, or software tools primarily used by programmers. If you believe the question would be on-topic on another Stack Exchange site, you can leave a comment to explain where the question may be able to be answered.
Closed 3 years ago.
Improve this question
I m new to the computer networking.
I came across two terms FIREWALL and packet sniffer.
To me the operation wise both appears to be same.Please clarify

Firewall
A firewall can either be software-based or hardware-based and is used to help keep a network secure. Its primary objective is to control the incoming and outgoing network traffic by analyzing the data packets and determining whether it should be allowed through or not
Sniffer
A packet analyzer (also known as a network analyzer, protocol analyzer or packet sniffer, or for particular types of networks, an Ethernet sniffer or wireless sniffer) is a computer program or a piece of computer hardware that can intercept and log traffic passing over a digital network or part of a network
By the way you can also check wikipedia...

Related

PXE Won't boot with new version of Boot agent [closed]

Closed. This question does not meet Stack Overflow guidelines. It is not currently accepting answers.
Closed 5 years ago.
This question does not appear to be about a specific programming problem, a software algorithm, or software tools primarily used by programmers. If you believe the question would be on-topic on another Stack Exchange site, you can leave a comment to explain where the question may be able to be answered.
This question does not appear to be about a specific programming problem, a software algorithm, or software tools primarily used by programmers. If you believe the question would be on-topic on another Stack Exchange site, you can leave a comment to explain where the question may be able to be answered.
Improve this question
We are running WDS on server2012 and it's doing fine with older machines. But we bought new stack of HP's with Intel i217-lm NIC, it is using Boot agent GE v.1.5.50.
When we are trying to boot it gets ip via dhcp, but ends with error:
PXE-E55: ProxyDHCP service did not reply to request on port 4011
I tried to change dhcp scope options by MS recommendations:
Option 60= PXEClient
Option 66= WDS server name or IP address
Option 67= Boot file name
Any suggestions
To see if the DHCP process is where the problem lies, one test to try is running Wireshark on the DHCP server to see if the packet was received by the server, and if the server sent the packet back to the i217 adapter.
If the packet reached the DHCP server but didn't get sent back maybe it is a firewall issue. I would also check the IP address leases and make sure everything looks error-free (ie no duplicate IPs, bad addresses).
Also if you want to verify that there are not known PXE issues with the i217 adapters, or if there any quirks, you can ask the Wired Ethernet blog at communities.intel.com about the issue you're seeing. They usually have someone who can help from Intel on there.
Workaround was booting from network in UEFI mode. There is limitations regarding new Intel's boot agent

Feel Management Stress test [closed]

Closed. This question does not meet Stack Overflow guidelines. It is not currently accepting answers.
This question does not appear to be about a specific programming problem, a software algorithm, or software tools primarily used by programmers. If you believe the question would be on-topic on another Stack Exchange site, you can leave a comment to explain where the question may be able to be answered.
Closed 2 years ago.
Improve this question
I am working on a fleet management system that track a fleet fo ambulance using tracking device "Teltonika FMXXXX".
The system should finally operate almost 1400 ambulance, recording their history (Position, speed, ...) and online tracking.
I need to do a stress test on the server. I need to ensure that the 1400 devices will operate probably and the server can handle them.
I need to know how to simulate 1400 devices that send there data packet through TCP protocol?
The only way to do this is to write a basic teltonika GSM-GPS module emulation program that connects to your server and send some fake location etc as many times as you want.
In order to do that you have to read your FM-xxxxx device protocol and see how teltonika's protocol works.
Usually those kind of device protocols are proprietary and you have to ask the ventor (teltonika) to provide you more info about the protocol, in order to implement the whole communication scenario.
you can take a look at this pdf Teltonika FM Protocol

How to monitor p2p traffic in a network using wireshark? [closed]

Closed. This question does not meet Stack Overflow guidelines. It is not currently accepting answers.
This question does not appear to be about a specific programming problem, a software algorithm, or software tools primarily used by programmers. If you believe the question would be on-topic on another Stack Exchange site, you can leave a comment to explain where the question may be able to be answered.
Closed 8 years ago.
Improve this question
I want to monitor bittorent traffic in my LAN. I used wireshark for that. But I couldn't able to find packets by using wireshark. But can monitor with UDP port number
we can use colasoft packet analyzer. It helps to monitor P2P traffic. Since Skype uses p2p.
Visit http://www.colasoft.com/.
Yeah, I agree. One of Colasoft Capsa 7.8's new features is VOIP analysis.
Below is what I found on their site.
"Capsa 7.8 provides a VoIP analysis module to capture and analyze VoIP calls and graphically display VoIP analysis results, which helps IT staff baseline and troubleshoot VoIP-based networks.
A VoIP view is provided to list all VoIP calls as well as their related statistics and has a lower pane for analyzing voice and video control flows and media flows as well as their jitter, loss, MOS, etc., to visualize analysis data and assess voice and video quality."
source: http://www.colasoft.com/capsa/whatsnew.php

Where Linux kernel(3.4.34) open port on nat device? [closed]

Closed. This question does not meet Stack Overflow guidelines. It is not currently accepting answers.
This question does not appear to be about a specific programming problem, a software algorithm, or software tools primarily used by programmers. If you believe the question would be on-topic on another Stack Exchange site, you can leave a comment to explain where the question may be able to be answered.
Closed 9 years ago.
Improve this question
I use an Linux Server for nat device.
Currently it looks like [PC1,2,3]--[Linux]--[Internet]
There is no issue at all , but I'm curious about , when I open a service (ex: FTP WWW ) on my PC1 , did my [Linux] also opened a port service on it ?
I did trace code for the
CONFIG_NF_CONNTRACK_FTP
CONFIG_NF_NAT_FTP
but I cant find related code about port open.
Thanks for your read.
There are various techniques used the make a router/firewall automatically forward ports to its clients. For example there are some protocols like: IGD, NAT-PMP et similia.
But those protocol need to be implemented both on router and on client. So automatic port-mapping won't work out of the box in many cases.
The lines in kernel config you are referring to CONFIG_NF_CONNTRACK_FTP CONFIG_NF_NAT_FTP are used for another reason: due to the fact that FTP protocol use two different tcp streams for comunication (one of which does not have to be "listened" by the server) your firewall needs extra "effort" to track the connection and act accordingly.

Using IPsec to ensure traffic between the peers is always encrypted [closed]

Closed. This question does not meet Stack Overflow guidelines. It is not currently accepting answers.
This question does not appear to be about a specific programming problem, a software algorithm, or software tools primarily used by programmers. If you believe the question would be on-topic on another Stack Exchange site, you can leave a comment to explain where the question may be able to be answered.
Closed 5 years ago.
Improve this question
I have implemented a IPsec connection between two pairs using openswan (opens/wan) in CentOS 6. This is running fine and i can see the traffic is encrypted. However if for whatever reason the IPsec tunnel no longer exists (maybe someone turned it off, maybe it crashed, etc), traffic will still flow between the peers as unencrypted traffic.
How can I ensure that traffic between these two peers is always sent encrypted with IPsec or no traffic between the peers is accepted.
Iptables does not seem to help, as the packets go through the iptables rules twice once encrypted and once again unencrypted.
Thanks in advance.

Resources