Telnet question

Karl Auer kauer at biplane.com.au
Sat May 30 02:06:02 UTC 2020


On Sat, 2020-05-30 at 10:09 +0930, Phil wrote:
> On 29/5/20 8:09 pm, Ken D'Ambrosio wrote:
> > A little more info to help you conceptualize stuff.  For the VAST 
> > majority of services/daemons, each incoming connection is
> > essentially a dedicated, point-to-point connection.
> Thank you Ken, I didn't realise the that a daemon is a one-to-one 
> connection rather than a broadcast connection. I've been delayed
> with another problem and haven't played with Wireshark yet, but I
> will.

Remember Ken said the "vast majority" - not all!

DHCP servers, for example, are typically initially reached via a
broadcast request in the first instance. A route advertiser daemon
broadcasts its information. Daemons that use broadcast are generally on
the local link, or have unicast helper daemons like DHCP relays.

BTW another way to see traffic is to set up a "tap" on a switch that
supports port monitoring. This configures the switch to duplicate
traffic onto another port, which you can then connect to and see all
the traffic. This is useful if you can't get a sniffer onto any of the
interfaces that are directly involved in the communication.

Any MikroTik switch (or router with more than one ethernet interface)
will support this, you can get one for $50 or so depending on where you
are. There are plenty of other brands/models that are suitable, just
MikroTik has a bunch of high-end features on low-end hardware = cheap
:-)

Regards, K.

-- 
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Karl Auer (kauer at biplane.com.au)
http://www.biplane.com.au/kauer
http://twitter.com/kauer389

GPG fingerprint: 2561 E9EC D868 E73C 8AF1 49CF EE50 4B1D CCA1 5170
Old fingerprint: 8D08 9CAA 649A AFEF E862 062A 2E97 42D4 A2A0 616D






More information about the ubuntu-users mailing list