Wireshark display filters
Wireshark general
Wireshark is a free and open-source packet analyzer. This tool is used for network troubleshooting, analysis,
communication and software protocol development and education. The original software were named Ehtereal, in May 2006.
Later it was renamed to Wireshark due to trademark issues.
Wireshark uses pcap to capture packets. It runs on several platforms like GNU/Linux, OS X, BSD, Solaris,
some other Unix-like operating systems, and Microsoft Windows.
There is also a terminal-based version (non-GUI) called TShark.
Here I’d like to introduce some important filter options in wireshark.
It’s very hard to find exactly the right packets, you are looking for, in a hugh amount of data.
The following charts are a compendium of several websites.
My aim for these post was, to bring the most important commands of one page.
&nb
Wireshark Homepage
IOS Recovery from corrupt or missing image from ROMMON
IOS Recovery from corrupt or missing image from ROMMON
Indrodution:
hereby i describe how to recover from a corrupt or missing software image on
a Cisco Catalyst switch 2900XL and 3500XL. I will show you the steps and 2 examples to load
a software image with the hyperterminal software ‘tera term’ or ‘SecureCRT’.
mac access-list and vlan access-map behavior
How to create a mac access-list and an vlan access-map
Last few days at work, we noticed on several access-switches a mac address flapping.
I don’t know how to troubleshoot and to fix it for interim arrangement purposes.
Flash File System 2970,3550,3560,3750 and Image Handling
flash-file-system-2970-3550-3560-3750-and-image-handling
It’s very useful to know, how a file system on a Catalyst
2970, 3550, 3560, and 3750 Flash file system
work. If you loose your password, it’s a easy way with above mentioned hardware
to set it to factory default.
Step-by-Step Recovery Procedure
As a prerequisite, a PC must be attached to the console port to the switch.
Choose a terminal software of your choice. For example putty.exe.
switchport nonegotiate
During my work as a network engineer, i stumble across the switchport nonegotiate command and
i never ever care about this command. There were no need for me to know and to configure this command.
But last week on doing troubleshooting i decide to get a deeper look into ‘switchport nonegotiate’.
- What take effect with the ‘switchport nonegotiate’ command?
- Is it useful to configure it?
- Do i really need an automatism to force the port to be a trunk or access port?
Preface
telnet access line vty 0 15
Prepare a cisco switch for telnet/ssh access (telnet access line vty 0 15)
Everytime i have to prepare a cisco switch for telnet or ssh access i wondering, what i really need to
configure proper. It’s a simple thing, but when you need this rarely, i always ‘trial and error’ and this
gets me to be aggressive.
Cisco Password Recovery
All Cisco routers have a 16-bit software register, which is written into NVRAM. By default, the configuration register is set to load the Cisco IOS from flash memory and to look for and load the startup-config file from NVRAM.
By changing the configuration register, you can perform cisco password recovery on a Cisco router.
If you are locked out of a router because you forgot the password, you can change the configuration register to help you recover. Bit 6 in the configuration register is used to tell the router whether or not to use the contents of NVRAM to load a router configuration. The default configuration register value for bit 6 is 0x2102 (the 0 is bit 6), which means that bit 6 is off. With the default setting, the router will look for and load a router configuration stored in NVRAM (startup-config). To recover a password, you need to turn on bit 6, which will tell the router to ignore the NVRAM contents. The configuration register value to turn on bit 6 is 0x2142.
Continue Reading →
Cisco Configuration Register
The Purpose of the Cisco Configuration Register
The configuration register can be used to change router behavior in several ways, such as:
- how the router boots (into ROMmon, NetBoot)
- options while booting (ignore configuration, disable boot messages)
- console speed (baud rate for a terminal emulation session)
The configuration register can be set from configuration mode using the config-register command. From ROMmon, use the confreg command.
Issue the show version command to view the current setting of the configuration register:
Continue Reading →
switchport/interface – troubleshoot sh int counters error
It is useful to get familiar with the ‘sh int counters’ command, to check if the switchport/interface
(switchport-interface) generate failure on the physical or data link layer.
In some cases clients has latencies or packet loss and therefore bad network performance.
In this blog i want to explain to perform the right outputs and contrue for the troubleshooing.
This will be done with the counter command.
In general you can use the ‘sh interface counters’ for the whole device.
The output show.
You get information of all ports fo the device.
I see how many traffic is generated on each port.
Continue Reading →
How to clear line vty
To clear a vty line (telnet/ssh) connection on a cisco device you have to know, how to interpret the ‘sh line’ output.
To show the line output you can choose the following line-commands.
Cisco Certified
Cisco Certified