I am running Wireshark on two different computers, one is a Linux (Lucid Lynx), and the other is running BackTrack4. Both computers are on the same network. Wireshark is listening on eth0 of both computers. No filters are set, and all traffic is visible. Browser requests show up, secure shell connections show up, and all sorts of assorted network traffic between the other computers on the network are also visible.

HOWEVER, when I ping my DNS (OpenDNS, 208.67.222.222) or other computers on my own network, NO ICMP traffic shows up in Wireshark. I ping from the exact same command shell that I am using for SSH connections, and while the SSH connection traffic is detected by Wireshark, ping traffic from that same shell is NOT detected.

This is happening on TWO different computers running Wireshark. No ping traffic whatsoever is detected by either instance of Wireshark. What the hell is going on?

asked 14 Sep '11, 07:20 KatmanDu
One Answer:
NEVER MIND! I had a dumbass attack. My laptops were connected wirelessly, not on eth0.

slinks off in shame

answered 14 Sep '11, 17:56 KatmanDu
Okay, things just got a little weirder. I tried Wireshark on a CentOS 6 machine, and the ICMP packets were shown by Wireshark. It must be an Ubuntu issue, as BT4 is based on Ubuntu. I would still like to know why Ubuntu-based ICMP traffic is not detected by Wireshark...