Saturday, April 9, 2011

Check the network traffic using snoop

snoop -V                    Summary verbose output
snoop -v                    Detailed verbose output
snoop -o filename           Redirect the snoop output to filename (a capture file) in summary mode
snoop -i filename           Display packets that were previously captured in filename
snoop -C                    List the code generated from the filter expression, for either the kernel packet filter or snoop's own filter
snoop -D                    Display the number of packets dropped during capture on the summary line
snoop -P                    Capture packets in non-promiscuous mode; only broadcast, multicast, or packets addressed to the host machine will be seen
snoop -S                    Display the size of the entire link-layer frame in bytes on the summary line
snoop -c maxcount           Quit after capturing maxcount packets; otherwise continue until ^C
snoop -d device             Receive packets from the network using the interface specified. Normally, snoop automatically chooses the first non-loopback interface it finds.
snoop -n filename           Use filename as an IP address-to-name mapping table. The file must have the same format as /etc/hosts (IP address followed by the hostname).
snoop -r                    Do not resolve IP addresses to symbolic names
snoop to host               Filter: display only packets sent to host
snoop from host             Filter: display only packets sent from host
snoop -i filename -p first[,last]   Select one or more packets (by number) to be displayed from a capture file


============================EXAMPLES============================

bash-3.00# snoop -v
Using device bge0 (promiscuous mode)
ETHER:  ----- Ether Header -----
ETHER:
ETHER:  Packet 1 arrived at 12:05:27.66592
ETHER:  Packet size = 146 bytes
ETHER:  Destination = 0:1c:b0:88:48:0,
ETHER:  Source      = 0:3:ba:d8:98:48,
ETHER:  Ethertype = 0800 (IP)
ETHER:
IP:   ----- IP Header -----
IP:
IP:   Version = 4
IP:   Header length = 20 bytes
IP:   Type of service = 0x00
IP:         xxx. .... = 0 (precedence)
IP:         ...0 .... = normal delay
IP:         .... 0... = normal throughput
IP:         .... .0.. = normal reliability
IP:         .... ..0. = not ECN capable transport
IP:         .... ...0 = no ECN congestion experienced
IP:   Total length = 132 bytes
IP:   Identification = 22651
IP:   Flags = 0x4
IP:         .1.. .... = do not fragment
IP:         ..0. .... = last fragment
IP:   Fragment offset = 0 bytes
IP:   Time to live = 60 seconds/hops
IP:   Protocol = 6 (TCP)
IP:   Header checksum = 0000
IP:   Source address = 10.2.185.203, Thishost
IP:   Destination address = 10.1.64.174, Server1.network.com
IP:   No options
IP:
TCP:  ----- TCP Header -----
TCP:
TCP:  Source port = 22
TCP:  Destination port = 60266
TCP:  Sequence number = 1051504699
TCP:  Acknowledgement number = 2429404628
TCP:  Data offset = 32 bytes
TCP:  Flags = 0x18
TCP:        0... .... = No ECN congestion window reduced
TCP:        .0.. .... = No ECN echo
TCP:        ..0. .... = No urgent pointer
TCP:        ...1 .... = Acknowledgement
TCP:        .... 1... = Push
TCP:        .... .0.. = No reset
TCP:        .... ..0. = No Syn
TCP:        .... ...0 = No Fin
TCP:  Window = 49232
TCP:  Checksum = 0x0000
TCP:  Urgent pointer = 0
TCP:  Options: (12 bytes)
TCP:    - No operation
TCP:    - No operation
TCP:    - TS Val = 103734689, TS Echo = 386530019
TCP:



bash-3.00# snoop -V
Using device bge0 (promiscuous mode)
________________________________
      Thishost -> Server1.network.com ETHER Type=0800 (IP), size = 146 bytes
      Thishost -> Server1.network.com IP  D=10.1.64.174 S=10.2.185.203 LEN=132, ID=22921, TOS=0x0, TTL=60
      Thishost -> Server1.network.com TCP D=60266 S=22 Push Ack=2429408900 Seq=1051522363 Len=80 Win=49232 Options=<nop,nop,tstamp 103750042 386545372>


bash-3.00# snoop -o /var/tmp/snoop-op
Using device bge0 (promiscuous mode)
55 ^C
bash-3.00#


bash-3.00#
bash-3.00# file /var/tmp/snoop-op
/var/tmp/snoop-op:      Snoop capture file - version 2
bash-3.00#
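The capture file written by -o and read back by -i is the snoop format that file(1) identified above as "version 2" (RFC 1761). The following is an added example, not code from the original post: it builds a small constructed two-packet capture in memory, parses the file header and per-packet records (including the cumulative drop counter that -D reports), and renders summary lines in the style of snoop's default output. The addresses, ports and sequence numbers are modelled on packets 1 and 2 of the snoop -i listing above; the frame builder, the constants and the field names are this example's own assumptions.

```python
import struct

SNOOP_MAGIC = b"snoop\0\0\0"   # 8-byte file signature (RFC 1761)
SNOOP_VERSION = 2              # the "version 2" that file(1) reported above
DL_ETHERNET = 4                # RFC 1761 datalink type code for Ethernet
TCP_FLAGS = ((0x02, "Syn"), (0x08, "Push"), (0x04, "Rst"), (0x01, "Fin"))  # Ack= is always shown

def build_capture(records):
    """Constructed writer (real files come from snoop -o); records are (frame, cumulative_drops, secs, usecs)."""
    out = bytearray(SNOOP_MAGIC + struct.pack(">II", SNOOP_VERSION, DL_ETHERNET))
    for frame, drops, secs, usecs in records:
        pad = (-len(frame)) % 4                   # each record is padded to a 4-byte boundary
        rec_len = 24 + len(frame) + pad           # 24-byte record header + data + padding
        out += struct.pack(">IIIIII", len(frame), len(frame), rec_len, drops, secs, usecs)
        out += frame + b"\0" * pad
    return bytes(out)

def parse_capture(data):
    """Return the packet records of a snoop v2 file image as dicts (all header fields big-endian)."""
    if data[:8] != SNOOP_MAGIC:
        raise ValueError("not a snoop capture file")
    version, dltype = struct.unpack(">II", data[8:16])
    if version != SNOOP_VERSION or dltype != DL_ETHERNET:
        raise ValueError(f"unsupported snoop version {version} / datalink {dltype}")
    recs, off = [], 16
    while off + 24 <= len(data):
        orig, incl, rec_len, drops, secs, usecs = struct.unpack(">IIIIII", data[off:off + 24])
        recs.append({"size": orig, "drops": drops, "ts": secs + usecs / 1e6,
                     "frame": data[off + 24:off + 24 + incl]})
        off += rec_len                            # rec_len already includes the padding
    return recs

def summarize(rec):
    """One line per packet in the style of snoop's summary mode (IPv4/TCP decoded, rest generic)."""
    f = rec["frame"]
    if len(f) < 34 or f[12:14] != b"\x08\x00" or f[23] != 6:   # only IPv4/TCP is decoded here
        return f"? -> ? non-IPv4/TCP frame, size = {rec['size']} bytes"
    ihl = (f[14] & 0x0F) * 4
    src, dst = ".".join(map(str, f[26:30])), ".".join(map(str, f[30:34]))
    sport, dport, seq, ack, doff_flags, win = struct.unpack(">HHIIHH", f[14 + ihl:30 + ihl])
    flags = "".join(name + " " for bit, name in TCP_FLAGS if doff_flags & bit)
    length = len(f) - 14 - ihl - (doff_flags >> 12) * 4          # TCP payload bytes (snoop's Len=)
    return f"{src} -> {dst} TCP D={dport} S={sport} {flags}Ack={ack} Seq={seq} Len={length} Win={win}"

def tcp_frame(src, dst, sport, dport, seq, ack, flags, payload):
    """Constructed Ethernet/IPv4/TCP frame; checksums left zero, as in the capture above."""
    tcp = struct.pack(">HHIIHHHH", sport, dport, seq, ack, (5 << 12) | flags, 49232, 0, 0) + payload
    ip = struct.pack(">BBHHHBBH4s4s", 0x45, 0, 20 + len(tcp), 22651, 0x4000, 60, 6, 0,
                     bytes(map(int, src.split("."))), bytes(map(int, dst.split("."))))
    return bytes.fromhex("001cb0884800" "0003bad89848" "0800") + ip + tcp

# Constructed two-packet capture modelled on packets 1 and 2 of the snoop -i listing above.
SAMPLE = build_capture([
    (tcp_frame("10.2.185.203", "10.1.64.174", 22, 60266, 1051528203, 2429410484, 0x18, b"x" * 80), 0, 0, 0),
    (tcp_frame("10.1.64.174", "10.2.185.203", 60266, 22, 2429410484, 1051528283, 0x10, b""), 3, 0, 1770),
])

if __name__ == "__main__":
    for r in parse_capture(SAMPLE):
        print(f"{r['ts']:8.5f} drops: {r['drops']} {summarize(r)}")
```

A non-zero drops value on a record means the capture is incomplete at that point, which is the same condition snoop -D flags on the summary line.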


bash-3.00# snoop -i /var/tmp/snoop-op
  1   0.00000       Thishost -> Server1.network.com TCP D=60266 S=22 Push Ack=2429410484 Seq=1051528203 Len=80 Win=49232 Options=
  2   0.00177 Server1.network.com -> Thishost       TCP D=22 S=60266 Ack=1051528283 Seq=2429410484 Len=0 Win=33304 Options=
  3   0.94920   10.2.185.2 -> ALL-ROUTERS.MCAST.NET UDP D=1985 S=1985 LEN=28
  4   0.03904 Server1.network.com -> Thishost       ICMP Echo request (ID: 1754 Sequence number: 439)
  5   0.00007       Thishost -> Server1.network.com ICMP Echo reply (ID: 1754 Sequence number: 439)
  6   0.00588       Thishost -> Server1.network.com TCP D=60266 S=22 Push Ack=2429410484 Seq=1051528283 Len=64 Win=49232 Options=
  7   0.09375 Server1.network.com -> Thishost       TCP D=22 S=60266 Ack=1051528347 Seq=2429410484 Len=0 Win=33304 Options=
  8   0.66092            ? -> (multicast)  ETHER Type=023C (LLC/802.3), size = 53 bytes
  9   0.23910 Server1.network.com -> Thishost       ICMP Echo request (ID: 1754 Sequence number: 440)
 10   0.00006       Thishost -> Server1.network.com ICMP Echo reply (ID: 1754 Sequence number: 440)
 11   0.00598       Thishost -> Server1.network.com TCP D=60266 S=22 Push Ack=2429410484 Seq=1051528347 Len=64 Win=49232 Options=



bash-3.00# snoop -C
Using device bge0 (promiscuous mode)
      Thishost -> Server1.network.com TCP D=60266 S=22 Push Ack=2429425812 Seq=1051569195 Len=80 Win=49232 Options=
Server1.network.com -> Thishost       TCP D=22 S=60266 Ack=1051569275 Seq=2429425812 Len=0 Win=33304 Options=
  10.2.185.1 -> ALL-ROUTERS.MCAST.NET UDP D=1985 S=1985 LEN=28
 10.2.185.22 -> BROADCAST    DHCP/BOOTP DHCPINFORM
 10.2.185.22 -> 10.2.185.255 NBT NS Query Request for WPAD[0], Success
sunws7.network.com -> 10.2.185.255 NBT NS Query Request for BELGACOM_MOBILE[1d], Success
 10.2.185.25 -> (broadcast)  ARP C Who is 10.2.185.202, sunws7.network.com ?
sunws14.network.com -> 10.2.185.255 NBT NS Query Request for BELGACOM_MOBILE[1d], Success
 10.2.185.25 -> (broadcast)  ARP C Who is 10.2.185.206, sunws14.network.com ?
  10.2.185.2 -> ALL-ROUTERS.MCAST.NET UDP D=1985 S=1985 LEN=28
           ? -> (multicast)  ETHER Type=023C (LLC/802.3), size = 53 bytes
 10.2.185.22 -> 10.2.185.255 NBT NS Query Request for WPAD[0], Success
      Thishost -> Server2.network.com DNS C 1.185.2.10.in-addr.arpa. Internet PTR ?
      Thishost -> Server1.network.com TCP D=60266 S=22 Push Ack=2429425812 Seq=1051569275 Len=352 Win=49232 Options=
Server2.network.com -> Thishost       DNS R  Error: 3(Name Error)
      Thishost -> Server2.network.com DNS C 22.185.2.10.in-addr.arpa. Internet PTR ?
      Thishost -> Server1.network.com TCP D=60266 S=22 Push Ack=2429425812 Seq=1051569627 Len=112 Win=49232 Options=
Server2.network.com -> Thishost       DNS R  Error: 3(Name Error)
Server1.network.com -> Thishost       TCP D=22 S=60266 Ack=1051569739 Seq=2429425812 Len=0 Win=33304 Options=
      Thishost -> Server2.network.com DNS C 255.185.2.10.in-addr.arpa. Internet PTR ?
      Thishost -> Server1.network.com TCP D=60266 S=22 Push Ack=2429425812 Seq=1051569739 Len=96 Win=49232 Options=
Server2.network.com -> Thishost       DNS R  Error: 3(Name Error)
      Thishost -> Server2.network.com DNS C 202.185.2.10.in-addr.arpa. Internet PTR ?
      Thishost -> Server1.network.com TCP D=60266 S=22 Push Ack=2429425812 Seq=1051569835 Len=112 Win=49232 Options=
Server1.network.com -> Thishost       TCP D=22 S=60266 Ack=1051569947 Seq=2429425812 Len=0 Win=33304 Options=
Server2.network.com -> Thishost       DNS R 202.185.2.10.in-addr.arpa. Internet PTR sunws7.network.com.
      Thishost -> Server2.network.com DNS C 25.185.2.10.in-addr.arpa. Internet PTR ?
      Thishost -> Server1.network.com TCP D=60266 S=22 Push Ack=2429425812 Seq=1051569947 Len=144 Win=49232 Options=
Server2.network.com -> Thishost       DNS R  Error: 3(Name Error)
      Thishost -> Server2.network.com DNS C 2.185.2.10.in-addr.arpa. Internet PTR ?
      Thishost -> Server1.network.com TCP D=60266 S=22 Push Ack=2429425812 Seq=1051570091 Len=304 Win=49232 Options=
Server2.network.com -> Thishost       DNS R  Error: 3(Name Error)
Server1.network.com -> Thishost       TCP D=22 S=60266 Ack=1051570395 Seq=2429425812 Len=0 Win=33304 Options=
      Thishost -> Server1.network.com TCP D=60266 S=22 Push Ack=2429425812 Seq=1051570395 Len=256 Win=49232 Options=
Server1.network.com -> Thishost       TCP D=22 S=60266 Ack=1051570651 Seq=2429425812 Len=0 Win=33304 Options=
 10.2.185.22 -> 10.2.185.255 NBT NS Query Request for WPAD[0], Success




bash-3.00# snoop -D
Using device bge0 (promiscuous mode)
      Thishost -> Server1.network.com drops: 0 TCP D=60266 S=22 Push Ack=2429427396 Seq=1051577611 Len=80 Win=49232 Options=
Server1.network.com -> Thishost       drops: 0 TCP D=22 S=60266 Ack=1051577691 Seq=2429427396 Len=0 Win=33304 Options=
  10.2.185.1 -> ALL-ROUTERS.MCAST.NET drops: 0 UDP D=1985 S=1985 LEN=28
           ? -> (multicast)  drops: 0 ETHER Type=023C (LLC/802.3), size = 53 bytes
      Thishost -> Server2.network.com drops: 0 DNS C 1.185.2.10.in-addr.arpa. Internet PTR ?
      Thishost -> Server1.network.com drops: 0 TCP D=60266 S=22 Push Ack=2429427396 Seq=1051577691 Len=368 Win=49232 Options=
Server2.network.com -> Thishost       drops: 0 DNS R  Error: 3(Name Error)
      Thishost -> Server1.network.com drops: 0 TCP D=60266 S=22 Push Ack=2429427396 Seq=1051578059 Len=192 Win=49232 Options=
Server1.network.com -> Thishost       drops: 0 TCP D=22 S=60266 Ack=1051578251 Seq=2429427396 Len=0 Win=33304 Options=
  10.2.185.2 -> ALL-ROUTERS.MCAST.NET drops: 0 UDP D=1985 S=1985 LEN=28
      Thishost -> Server2.network.com drops: 0 DNS C 2.185.2.10.in-addr.arpa. Internet PTR ?
      Thishost -> Server1.network.com drops: 0 TCP D=60266 S=22 Push Ack=2429427396 Seq=1051578251 Len=560 Win=49232 Options=
      Thishost -> Server1.network.com drops: 0 TCP D=60266 S=22 Push Ack=2429427396 Seq=1051578811 Len=208 Win=49232 Options=
Server2.network.com -> Thishost       drops: 0 DNS R  Error: 3(Name Error)
Server1.network.com -> Thishost       drops: 0 TCP D=22 S=60266 Ack=1051579019 Seq=2429427396 Len=0 Win=33304 Options=
      Thishost -> Server1.network.com drops: 0 TCP D=60266 S=22 Push Ack=2429427396 Seq=1051579019 Len=112 Win=49232 Options=
Server1.network.com -> Thishost       drops: 0 TCP D=22 S=60266 Ack=1051579131 Seq=2429427396 Len=0 Win=33304 Options=
           ? -> (multicast)  drops: 0 ETHER Type=023C (LLC/802.3), size = 53 bytes
      Thishost -> Server1.network.com drops: 0 TCP D=60266 S=22 Push Ack=2429427396 Seq=1051579131 Len=560 Win=49232 Options=
      Thishost -> Server1.network.com drops: 0 TCP D=60266 S=22 Push Ack=2429427396 Seq=1051579691 Len=608 Win=49232 Options=
Server1.network.com -> Thishost       drops: 0 TCP D=22 S=60266 Ack=1051580299 Seq=2429427396 Len=0 Win=33304 Options=
  10.2.185.1 -> ALL-ROUTERS.MCAST.NET drops: 0 UDP D=1985 S=1985 LEN=28
^Cbash-3.00#
bash-3.00#





bash-3.00# snoop -P
Using device bge0 (non promiscuous)
Server1.network.com -> Thishost       TCP D=22 S=60266 Ack=1051587227 Seq=2429429172 Len=0 Win=33304 Options=
           ? -> (multicast)  ETHER Type=023C (LLC/802.3), size = 53 bytes
  10.2.185.1 -> ALL-ROUTERS.MCAST.NET UDP D=1985 S=1985 LEN=28
Server2.network.com -> Thishost       DNS R  Error: 3(Name Error)
Server1.network.com -> Thishost       TCP D=22 S=60266 Ack=1051587611 Seq=2429429172 Len=0 Win=33304 Options=
  10.2.185.2 -> ALL-ROUTERS.MCAST.NET UDP D=1985 S=1985 LEN=28
Server2.network.com -> Thishost       DNS R  Error: 3(Name Error)
Server1.network.com -> Thishost       TCP D=22 S=60266 Ack=1051587995 Seq=2429429172 Len=0 Win=33304 Options=
           ? -> (multicast)  ETHER Type=023C (LLC/802.3), size = 53 bytes
Server1.network.com -> Thishost       TCP D=22 S=60266 Ack=1051588331 Seq=2429429172 Len=0 Win=33304 Options=
  10.2.185.1 -> ALL-ROUTERS.MCAST.NET UDP D=1985 S=1985 LEN=28



bash-3.00# snoop -S
Using device bge0 (promiscuous mode)
      Thishost -> Server1.network.com length:  146  TCP D=60266 S=22 Push Ack=2429430324 Seq=1051599819 Len=80 Win=49232 Options=
Server1.network.com -> Thishost       length:   66  TCP D=22 S=60266 Ack=1051599899 Seq=2429430324 Len=0 Win=33304 Options=
  10.2.185.2 -> ALL-ROUTERS.MCAST.NET length:   62  UDP D=1985 S=1985 LEN=28
      Thishost -> Server2.network.com length:   83  DNS C 2.185.2.10.in-addr.arpa. Internet PTR ?
      Thishost -> Server1.network.com length:  450  TCP D=60266 S=22 Push Ack=2429430324 Seq=1051599899 Len=384 Win=49232 Options=
Server2.network.com -> Thishost       length:  146  DNS R  Error: 3(Name Error)
Server1.network.com -> Thishost       length:  114  TCP D=22 S=60266 Push Ack=1051600283 Seq=2429430324 Len=48 Win=33304 Options=
      Thishost -> Server1.network.com length:  178  TCP D=60266 S=22 Push Ack=2429430372 Seq=1051600283 Len=112 Win=49232 Options=
Server1.network.com -> Thishost       length:   66  TCP D=22 S=60266 Ack=1051600395 Seq=2429430372 Len=0 Win=33304 Options=
           ? -> (multicast)  length:   53  ETHER Type=023C (LLC/802.3), size = 53 bytes
10.120.130.21 -> 10.2.185.11  length:  749  TCP D=58056 S=5060 Ack=177877911 Seq=3556256683 Len=695 Win=32768
  10.2.185.1 -> ALL-ROUTERS.MCAST.NET length:   62  UDP D=1985 S=1985 LEN=28




bash-3.00# snoop -c 2
Using device bge0 (promiscuous mode)
      Thishost -> Server1.network.com TCP D=60266 S=22 Push Ack=2429432724 Seq=1051609275 Len=80 Win=49232 Options=
Server1.network.com -> Thishost       TCP D=22 S=60266 Ack=1051609355 Seq=2429432724 Len=0 Win=33304 Options=
2 packets captured



bash-3.00# snoop -d bge0
Using device bge0 (promiscuous mode)
      Thishost -> Server1.network.com TCP D=60266 S=22 Push Ack=2429434500 Seq=1051617819 Len=80 Win=49232 Options=
Server1.network.com -> Thishost       TCP D=22 S=60266 Ack=1051617899 Seq=2429434500 Len=0 Win=33304 Options=
      Thishost -> Server1.network.com TCP D=60266 S=22 Push Ack=2429434500 Seq=1051617899 Len=352 Win=49232 Options=
  10.2.185.2 -> ALL-ROUTERS.MCAST.NET UDP D=1985 S=1985 LEN=28
Server1.network.com -> Thishost       TCP D=22 S=60266 Ack=1051618251 Seq=2429434500 Len=0 Win=33304 Options=
           ? -> (multicast)  ETHER Type=023C (LLC/802.3), size = 53 bytes



bash-3.00# cp /etc/hosts /var/tmp/hosts-snoop
bash-3.00#
bash-3.00# snoop -n /var/tmp/hosts-snoop
Loading name file /var/tmp/hosts-snoop
Using device bge0 (promiscuous mode)
      Thishost -> Server1.network.com TCP D=60266 S=22 Push Ack=2429437204 Seq=1051621739 Len=112 Win=49232 Options=
Server1.network.com -> Thishost       TCP D=22 S=60266 Ack=1051621851 Seq=2429437204 Len=0 Win=33304 Options=
      Thishost -> Server1.network.com TCP D=60266 S=22 Push Ack=2429437204 Seq=1051621851 Len=352 Win=49232 Options=
Server1.network.com -> Thishost       TCP D=22 S=60266 Ack=1051622203 Seq=2429437204 Len=0 Win=33304 Options=
           ? -> (multicast)  ETHER Type=023C (LLC/802.3), size = 53 bytes
      Thishost -> Server1.network.com TCP D=60266 S=22 Push Ack=2429437204 Seq=1051622203 Len=432 Win=49232 Options=
  10.2.185.1 -> ALL-ROUTERS.MCAST.NET UDP D=1985 S=1985 LEN=28
Server1.network.com -> Thishost       TCP D=22 S=60266 Ack=1051622635 Seq=2429437204 Len=0 Win=33304 Options=
  10.2.185.2 -> ALL-ROUTERS.MCAST.NET UDP D=1985 S=1985 LEN=28



bash-3.00# snoop -r
Using device bge0 (promiscuous mode)
10.2.185.203 -> 10.1.64.174  TCP D=60266 S=22 Push Ack=2429442532 Seq=1051642203 Len=80 Win=49232 Options=
 10.1.64.174 -> 10.2.185.203 TCP D=22 S=60266 Ack=1051642283 Seq=2429442532 Len=0 Win=33304 Options=
10.2.185.203 -> 10.1.64.174  TCP D=60266 S=22 Push Ack=2429442532 Seq=1051642283 Len=320 Win=49232 Options=
 10.1.64.174 -> 10.2.185.203 TCP D=22 S=60266 Ack=1051642603 Seq=2429442532 Len=0 Win=33304 Options=
10.52.242.42 -> 10.2.185.15  TCP D=1996 S=902 Push Ack=977365903 Seq=3075574324 Len=1173 Win=4163 Options=
  10.2.185.1 -> 224.0.0.2    UDP D=1985 S=1985 LEN=28
           ? -> (multicast)  ETHER Type=023C (LLC/802.3), size = 53 bytes


bash-3.00# snoop -d bge0 ip to Server1
Using device bge0 (promiscuous mode)
      Thishost -> Server1.network.com TCP D=60266 S=22 Push Ack=2429445556 Seq=1051663435 Len=80 Win=49232 Options=
      Thishost -> Server1.network.com TCP D=60266 S=22 Push Ack=2429445556 Seq=1051663515 Len=192 Win=49232 Options=
      Thishost -> Server1.network.com TCP D=60266 S=22 Push Ack=2429445556 Seq=1051663707 Len=208 Win=49232 Options=
^Cbash-3.00#
bash-3.00#
bash-3.00#
bash-3.00# snoop -d bge0 ip from Server1
Using device bge0 (promiscuous mode)
Server1.network.com -> Thishost       TCP D=22 S=60266 Ack=1051666683 Seq=2429447812 Len=0 Win=33304 Options=
Server1.network.com -> Thishost       TCP D=22 S=60266 Ack=1051666875 Seq=2429447812 Len=0 Win=33304 Options=
Server1.network.com -> Thishost       TCP D=22 S=60266 Ack=1051667067 Seq=2429447812 Len=0 Win=33304 Options=
^Cbash-3.00#
bash-3.00#
bash-3.00# snoop to Server1
Using device bge0 (promiscuous mode)
      Thishost -> Server1.network.com TCP D=60266 S=22 Push Ack=2429448292 Seq=1051667787 Len=80 Win=49232 Options=
      Thishost -> Server1.network.com TCP D=60266 S=22 Push Ack=2429448292 Seq=1051667867 Len=192 Win=49232 Options=
^Cbash-3.00#
bash-3.00# snoop ip from Server1
Using device bge0 (promiscuous mode)
Server1.network.com -> Thishost       TCP D=22 S=60266 Ack=1051668987 Seq=2429448932 Len=0 Win=33304 Options=
Server1.network.com -> Thishost       TCP D=22 S=60266 Ack=1051669179 Seq=2429448932 Len=0 Win=33304 Options=
Server1.network.com -> Thishost       TCP D=22 S=60266 Ack=1051669371 Seq=2429448932 Len=0 Win=33304 Options=
^Cbash-3.00#



bash-3.00# snoop -i /var/tmp/snoop-op -p 1,5
  1   0.00000       Thishost -> Server1.network.com TCP D=60266 S=22 Push Ack=2429410484 Seq=1051528203 Len=80 Win=49232 Options=
  2   0.00177 Server1.network.com -> Thishost       TCP D=22 S=60266 Ack=1051528283 Seq=2429410484 Len=0 Win=33304 Options=
  3   0.94920   10.2.185.2 -> ALL-ROUTERS.MCAST.NET UDP D=1985 S=1985 LEN=28
  4   0.03904 Server1.network.com -> Thishost       ICMP Echo request (ID: 1754 Sequence number: 439)
  5   0.00007       Thishost -> Server1.network.com ICMP Echo reply (ID: 1754 Sequence number: 439)
bash-3.00#

//Detailed view of the first packet

bash-3.00# snoop -i /var/tmp/snoop-op -v -p 1
ETHER:  ----- Ether Header -----
ETHER:
ETHER:  Packet 1 arrived at 12:09:42.07489
ETHER:  Packet size = 146 bytes
ETHER:  Destination = 0:1c:b0:88:48:0,
ETHER:  Source      = 0:3:ba:d8:98:48,
ETHER:  Ethertype = 0800 (IP)
ETHER:
IP:   ----- IP Header -----
IP:
IP:   Version = 4
IP:   Header length = 20 bytes
IP:   Type of service = 0x00
IP:         xxx. .... = 0 (precedence)
IP:         ...0 .... = normal delay
IP:         .... 0... = normal throughput
IP:         .... .0.. = normal reliability
IP:         .... ..0. = not ECN capable transport
IP:         .... ...0 = no ECN congestion experienced
IP:   Total length = 132 bytes
IP:   Identification = 23065
IP:   Flags = 0x4
IP:         .1.. .... = do not fragment
IP:         ..0. .... = last fragment
IP:   Fragment offset = 0 bytes
IP:   Time to live = 60 seconds/hops
IP:   Protocol = 6 (TCP)
IP:   Header checksum = 0000
IP:   Source address = 10.2.185.203, Thishost
IP:   Destination address = 10.1.64.174, Server1.network.com
IP:   No options
IP:
TCP:  ----- TCP Header -----
TCP:
TCP:  Source port = 22
TCP:  Destination port = 60266
TCP:  Sequence number = 1051528203
TCP:  Acknowledgement number = 2429410484
TCP:  Data offset = 32 bytes
TCP:  Flags = 0x18
TCP:        0... .... = No ECN congestion window reduced
TCP:        .0.. .... = No ECN echo
TCP:        ..0. .... = No urgent pointer
TCP:        ...1 .... = Acknowledgement
TCP:        .... 1... = Push
TCP:        .... .0.. = No reset
TCP:        .... ..0. = No Syn
TCP:        .... ...0 = No Fin
TCP:  Window = 49232
TCP:  Checksum = 0x0000
TCP:  Urgent pointer = 0
TCP:  Options: (12 bytes)
TCP:    - No operation
TCP:    - No operation
TCP:    - TS Val = 103760130, TS Echo = 386555461
TCP:


An effective filter combines host, port and protocol primitives with and/or. Note that and binds more tightly than or, so the expression below reads as (Server1 and Thishost and port 80 and tcp) or udp, which is why only unrelated UDP traffic appears in the output; group with parentheses when the whole condition should apply.

bash-3.00# snoop Server1 and Thishost and port 80 and tcp or udp
Using device bge0 (promiscuous mode)
  10.2.185.2 -> ALL-ROUTERS.MCAST.NET UDP D=1985 S=1985 LEN=28
      Thishost -> Server2.network.com DNS C 2.185.2.10.in-addr.arpa. Internet PTR ?
Server2.network.com -> Thishost       DNS R  Error: 3(Name Error)
  10.2.185.1 -> ALL-ROUTERS.MCAST.NET UDP D=1985 S=1985 LEN=28
      Thishost -> Server2.network.com DNS C 1.185.2.10.in-addr.arpa. Internet PTR ?
Server2.network.com -> Thishost       DNS R  Error: 3(Name Error)
  10.2.185.2 -> ALL-ROUTERS.MCAST.NET UDP D=1985 S=1985 LEN=28
  10.2.185.1 -> ALL-ROUTERS.MCAST.NET UDP D=1985 S=1985 LEN=28
^Cbash-3.00#
