• Kiếm tiền với Hostinger

    Kiếm Tiền Cùng Hostinger

    Bạn đang tìm kiếm cách kiếm thêm thu nhập online? Hãy tham gia ngay chương trình Affiliate của Hostinger! Với mỗi khách hàng đăng ký thông qua liên kết của bạn, bạn sẽ nhận được khoản hoa hồng hấp dẫn.

    Hostinger cung cấp các dịch vụ lưu trữ web (hosting) chất lượng cao với mức giá cạnh tranh, giúp bạn dễ dàng giới thiệu và thu hút người dùng.

    Đừng bỏ lỡ cơ hội tuyệt vời này để tăng thêm thu nhập thụ động.

    Tham Gia Ngay

Packet Sniffer – RFC

TigerDao

Administrator
Thành viên BQT


Packet Captures are one of the best and primary troubleshooting tools in networking. RouterOS includes three different ways ( 4 if you include CALEA) that you can capture packets. There is the Packet Sniffer tool that is used for everything except wireless packets. There is the Wireless Sniffer specifically for wireless packets and then there is the firewall (mangle has the ability to sniff packets). This tutorial will only cover the Packet Sniffer tool found under the main Tools menu. First, we’ll look at the settings, then we’ll look at how to save the packet capture to the router, and finally, we’ll look at streaming the packet capture to a PC running Wireshark.

Packet Sniffer Settings


Packet_Sniffer (1)


Packet_Sniffer (2)


Packet_Sniffer (3)


Packet_Sniffer (4)


Packet_Sniffer (5)


Packet_Sniffer (6)


Packet_Sniffer (7)


Packet_Sniffer (8)




Built in Analysis Tools




Packet_Sniffer (9)


Packet_Sniffer (10)


Packet_Sniffer (11)


Packet_Sniffer (12)


Packet_Sniffer (13)


Saving a Packet Capture as a file


To save your packet capture to your router, all that is required is to give the file a name and ensure that the File Limit size makes sense for what you are trying do. The Only Headers option and the Memory Scroll option should also be evaluated for their use. Using the Filters will make the packet capture easy to understand. Once the file is saved to the Files menu, it can be download by dropping and dragging through Winbox, downloading from the router’s webpage, FTP, or any other means you would normally use.

Packet_Sniffer_Files


Streaming the Packet Capture to Wireshark


Streaming your packet capture to Wireshark can be very valuable for three main reasons. First, you can analyze the information in real time. Second, the PC that is running Wireshark (or some other packet analysis tool) will probably be faster and have more storage space than the router. And last, but not least, the analysis tools that you then have at your disposal are far more robust that what the router can provide all by itself.

To configure the router for streaming, ensure that there is not a File Name specified on the General tab. On the Streaming tab, enable streaming and specify the address of the PC running your packet analysis tool. Evaluate whether or not to enable the Filter Stream option (when in doubt, leave it unchecked).

Packet_Sniffer_Streaming


To configure Wireshark to receive the stream, open Wireshark and you will be met with a window to select what interface to start the packet capture with. In this example, I was communicating with my router through my wireless interface, so I highlighted “Wi-Fi” and then I specified a filter for the selected interfaces. The router sends the information as a UDP stream on port 37008 so you will have to add a filter as well:

udp port 37008

If you forget or just want to verify the port number, the stream will show up in Torch. To start the packet capture you click on the Shark Fin icon below the File menu.

If you already have Wireshark open, you go to the Capture Menu and choose Options. this will bring you to the settings that you are met with when the program starts. See example below:

Packet_Sniffer_Streaming2


Packet_Sniffer_Streaming3


Packet_Sniffer_Streaming4


Packet_Sniffer_Streaming5




Hope you enjoyed this tutorial! If you have any questions or insights, please add a comment below.





Like this:​


Like Loading…


Related


Xem tiếp...
 
Top