LinuxQuestions.org

LinuxQuestions.org (/questions/)
-   Linux - Newbie (https://www.linuxquestions.org/questions/linux-newbie-8/)
-   -   [ask] how determine subnetmask, gateway, and dns ip from pcap file (https://www.linuxquestions.org/questions/linux-newbie-8/%5Bask%5D-how-determine-subnetmask-gateway-and-dns-ip-from-pcap-file-769886/)

morningstarcrew 11-18-2009 03:24 AM
[ask] how determine subnetmask, gateway, and dns ip from pcap file
 
Hello everybody,
I want to ask you a newbie question, I have a pcap file. my task is want to know subnetmask, gateway, and dns ip from pcap file.
can you give me a light?

many thanks,

MSC

linuxlover.chaitanya 11-18-2009 03:28 AM
tcpdump tool can open this file. Use it if you want a command line tool else you can look for wireshark.

morningstarcrew 11-19-2009 03:37 AM
ok. i use wireshark. what packet should i look for? is that tcp,http,or what?

many thanks,

MSC

Ippy98 11-19-2009 03:39 AM
What exactly do you want to know? I'm not sure I fully understand what you are looking for.

morningstarcrew 11-20-2009 02:40 AM
What exactly i want to know is how to determine subnetmask, gateway, and dns ip from pcap file.
I've captured many packets from my accesspoint (AP) at my lab without connected to that AP using kismet. No DHCP server was enabled from AP. I used static ip configuration. Act like the person that din't know about AP configuration, i would like to see subnetmask, gateway, and dns ip from pcap file which i got from kismet. I use Wireshark to open&view pcap file. I don't know what packet should i looking for in order to find out subnetmask, gateway, and dns ip. There are many packets if i opened pcap file using wireshark, and i have no clue.


All times are GMT -5. The time now is 03:34 AM.