WireShark in GCOM Network?
Hi, I try to use WireShark to get the packets in GCOM Network. There are two different packets in GCOM.
The first is " I am here", and the content is 01 00 23 00 00 01 00 00 23 00 5B 01 00 0C 10 10 03 24 00 00 23 00 5B 01 0B 5B
The second is the data I want, and the content is 00 00 23 00 0C 01 00 00 23 00 5B 01 00 3A 14 14....
But, I can not get the second packets by WireShark. Could you help me?
Thank you.
Th
Answers
How do you record the traffic?
The first telegram is multicast 01 xx xx xx xx xx and sent to all ports on all switches.
The second telegram is unicast 00 xx xx xx xx xx and *only* sent to the destination port.
For a third party device to record unicasted traffic on a switched network you must be recording ON the sender or receiver node itself, or use some kind of Port Mirroring, Cisco SPAN, etc, or be using a tap device put into a network link where the traffic is passing.
Add new comment