Packet Captures
bgp orf capabilty negotitation.pcapng.cap 328 bytes
Submitted Apr 3, 2014 by altafk
BGP outbound route filtering capabilities negotiation between BGP speakers, sent during route [ Cisco PrefixList ORF-Type (128)].
| Packets: 1 | Duration: n/a | Downloads: 4063 |
bgp med.pcapng.cap 364 bytes
Submitted Apr 2, 2014 by altafk
BGP metric value set to 242( just a random value), used as a suggestion for peer in neighboring AS to influence incoming traffic.
| Packets: 1 | Duration: n/a | Downloads: 4000 |
no-advertise community.pcapng.cap 420 bytes
Submitted Mar 31, 2014 by altafk
BGP update packet with no-advertise community set [Community:NO_ADVERTISE (0xffffff02)] A BGP router telling its BGP peer not to advertise this route to any other peer whether EBGP or IBGP.
| Packets: 2 | Duration: n/a | Downloads: 3889 |
sflow.cap 1.8 KB
Submitted Oct 29, 2013 by hgsuttorp
SFLOW capture containing - counter sample packets - flow sample packet
| Packets: 9 | Duration: 109s | Downloads: 3552 |
snoop-working-ccm7.cap 203.0 KB
Submitted Jul 22, 2013 by earnestavathan
H323 Phone registering!!!
| Packets: 191 | Duration: 1081s | Downloads: 5918 |
icmp fragmented.cap 106.4 KB
Submitted Aug 27, 2012 by altafk
pinged google.com with -l option in windows which allows us to set the data size of the packet.
Data size of 15000 bytes has been chosen and we can see that it is fragmented through the network into a maximum data size 1480 bytes in each packet.
We can also see offset and identification field set in the ip header.
| Packets: 77 | Duration: 11s | Downloads: 9170 |
ospf over gre tunnel.cap 8.2 KB
Submitted Jun 13, 2012 by altafk
Configured ospf over GRE tunnel in which packets are double tagged with ip header, useful when there is no direct connection between the 2 routers but still we need to run ospf.
| Packets: 63 | Duration: 241s | Downloads: 16331 |
connection termination.cap 316 bytes
Submitted Jun 5, 2012 by altafk
This is a connection termination packet in which both the server and client sends fin & ack to each other.
For details of how connection is been teared down by both client and server see the link below.
http://www.firewall.cx/networking-topics/protocols/tcp/136-tcp-flag-options.html
| Packets: 4 | Duration: n/a | Downloads: 11440 |
ospf simple password authentication.cap 766 bytes
Submitted May 14, 2012 by altafk
Simple password authentication in ospf in which we can see password in clear text.
Also the auth type is also specified in the packet which is simple password.
I have also found a very interesting article regarding md5 auth mistakes made by many network engineers the link of which is below.
http://packetlife.net/blog/2010/jun/1/ospfv2-authentication-confusion/
| Packets: 7 | Duration: 60s | Downloads: 10355 |
icmp with record route option set.cap 1.2 KB
Submitted May 9, 2012 by altafk
ping packet with record route option set and IP addresses of all outgoing and incoming interfaces along the path.
In that we can also see position of current pointer.
| Packets: 10 | Duration: 2s | Downloads: 8980 |
dtls_null.cap 2.2 KB
Submitted May 5, 2012 by Kriki
DTLS handshake with one application data packet.
Authentication with server certificate only.
NULL encryption is used to demonstrate the transmission of "TESTING"
| Packets: 7 | Duration: 7s | Downloads: 5559 |
IGMP_V1.cap 2.0 KB
Submitted Apr 2, 2012 by Emieeecy
All IGMP V1 requests : Query General, Join specific group
| Packets: 27 | Duration: 259s | Downloads: 11785 |
IGMP_V2.cap 1.3 KB
Submitted Mar 27, 2012 by Emieeecy
All IGMP V2 requests : Query General, Query specfic group, Join specific group, leave specific group
| Packets: 18 | Duration: 133s | Downloads: 16926 |
stun2.cap 102 bytes
Submitted Mar 2, 2012 by jello
Stun (2) Protocol. UDP Holepunching technique.
| Packets: 1 | Duration: n/a | Downloads: 6405 |
packet-c.cap 675.0 KB
Submitted Jan 31, 2012 by Slaingod
This is a packet capture from a SonicWall. We were troubleshooting DHCP packet flows. The SonicWall saw the DHCP Discover and Sent an Offer. We never saw the DHCP acknowledgement. In the adjacent core stacked switching we were running "debug ip dhcp server packets" we only saw discover packets from IP phones up to the SonicWall. For some reason the SonicWall could not let any other DHCP packets through or out of it INSIDE (LAN) interface. Even if we put an ANY-ANY ALC for that interface. We ended up having to replace the SonicWall and upload the configuration from the old SonicWall to the new one.
-Slaingod
BOOTP DNS HTTP IP LLC SKINNY SSL STP TCP UDP
| Packets: 926 | Duration: 13s | Downloads: 15586 |
IPv6_RTSP.cap 15.5 KB
Submitted Jan 12, 2012 by Jawahar
This capture contains IPv6_RTSP packets. Accessed IPv6 enabled RTSP server using 6in4 tunnel.
| Packets: 17 | Duration: 3s | Downloads: 7325 |
OCSP-Not_Implemted.cap 1.1 KB
Submitted Jun 10, 2011 by kerlenpondi
OCSP-Not_Implemted
| Packets: 10 | Duration: n/a | Downloads: 8869 |
OCSP-Revoked.cap 1.8 KB
Submitted Jun 10, 2011 by kerlenpondi
OCSP (Comodo - FAKE crt Addons-mozilla-org)
| Packets: 10 | Duration: n/a | Downloads: 7422 |
OCSP-Good.cap 3.5 KB
Submitted Jun 8, 2011 by kerlenpondi
OCSP_Good (CRL HTTPS CA Verisign)
| Packets: 14 | Duration: 1s | Downloads: 8911 |
traceroute_MPLS.cap 3.3 KB
Submitted May 14, 2011 by stretch
| Packets: 29 | Duration: 3s | Downloads: 19268 |
cm4116_telnet.cap 9.4 KB
Submitted Mar 1, 2011
Short Telnet session with an Opengear CM4116 used to demonstrate the urgent flag and pointer
| Packets: 113 | Duration: 14s | Downloads: 17673 |
HTTP.cap 24.9 KB
Submitted Mar 1, 2011
Simple HTTP transfer of a PNG image using wget
| Packets: 40 | Duration: n/a | Downloads: 26830 |
DHCP_MessageType 10,11,12 and 13.cap 1.9 KB
Submitted Jan 31, 2011 by Jawahar
Access Concentrator/router queries lease for particular IP addresses using message type as "DHCP LEASE QUERY" and gets response as DHCP LEASE ACTIVE,LEASE UNASSIGNED and LEASE UNKNOWN.
Access Concenttrator/Router IP=10.10.39.14
DHCP server IP=10.10.35.33
| Packets: 6 | Duration: 13s | Downloads: 13490 |
iphttps.cap 12.4 KB
Submitted Nov 12, 2010 by nacnud
IP-HTTPS capture. This is Microsoft's IPv6 inside HTTPS tunneling for DirectAccess.
ARP DNS Ethernet ICMPv6 IGMP IP IPv6 LLC NBNS NBSS SSL TCP UDP
| Packets: 83 | Duration: 38s | Downloads: 14514 |
WCCPv2.pcap.cap 2.8 KB
Submitted Oct 5, 2010 by Ysaad
WCCP communication captures between 7200 Router and a WCCP capable optimization device (In my case it is Riverbed's Stealhead 2050)
| Packets: 15 | Duration: 27s | Downloads: 8735 |