Errm, Wireshark. Please bear with me.
Wireshark is a shining example of an open source project completely and utterly crapping on the closed source competition. As a result we all benefit. I recall spending a lot of someone else’s money on buying a sort of ruggedized laptop with two ethernet ports to do the job back in the day.
Nowadays, I can run up a tcpdump session on a firewall remotely with some carefully chosen timings and filters and download it to my PC and analyse it with Wireshark.
OK, all so convenient but is it any use?
Say you have a VoIP issue of some sort. The PCAP from tcpdump that you pass to Wireshark can analyse it to the nth degree. Wireshark knows all about SIP and RTP (and IAX) and you can even play back the voice streams or have them graphed so you can see what is wrong or whatever. That’s just VoIP, it has loads of other dissectors and decorators built in.
So what?
The UK (for example) will be dispensing with boring old, but reliable, POTS (Plain Old Telephony System) by 2025. Our entire copper telephony and things like RedCare (defunct soon) will go away.
We are swapping out circuit switching for packet switching. To be fair, a lot of the backend is already TCP/UDP/IP that is shielded away from us proles. When SoGEA (Single Order Generic Ethernet Access) really kicks in then the old school electric end to end connection will be lost in favour of packet switching, which never fails (honest guv).
If you are an IT bod of any sort, you really should be conversant with Wireshark.
Thank you for the detailed reply and the explanations to (mostly) all the jargon :-)
Sweden is also doing a lot of deprecation of old telephony systems; what I know of is that 2G and 3G are going away by 2025.
The less tech debt we pass onto future generations, the better.
In the UK at least, the POTS (Plain Old …) copper phone lines carry an electrical current as well as signals and can power the handset. There are certain guarantees about this so that in an emergency your phone will still work so you can dial 999 (our original emergency number) or 112. Our fire regulations require something like 30 minutes before things should start failing. In the real world, you get out immediately and use your mobile.
We have an emergency alarm monitoring system used by businesses. It’s generally known as “Red Care” which was a brand run by BT (British Telecom). You have a small device connected to a phone line (and powered by it) and it will monitor your fire detectors and building access control systems and a 24 hour manned monitoring centre will notify you in the event of an emergency. Nowadays, these devices will use your wifi and internet connection. Sometimes: old school is best.
I respectfully disagree.
I had redcare via Age Concern for my mum before she went into a home with dementia - it was a few years ago and it was all that was available.
Nowadays, the panic alarms are, I believe, entirely self contained using a sim card and mobile connectivity and include location information - so they are not reliant on local power or internet connection. That locational information could be life saving - one time my mother got very confused, left her flat and was wandering around outside in freezing conditions. Luckily someone heard her calling out and took her home, but she could easily have died that night and was so confused that she didn’t think to use her dongle which was still around her neck, and it is doubtful it would have been in range of her base station anyway. A modern system can also include geofencing and even positional data, and automatically alert if someone falls down, takes it off, or the battery runs low. Just like redcare, the modern systems are manned 24/7 just the same.
Sometimes old school is not best.
I think we might be writing at cross purposes. The system you had for your mum obviously worked effectively for you and that is the important thing.
POTS provide(s|d) a fixed point of reference - your address is registered against the number for 999 etc; it provides power for a handset or device; it’s been like that for a lot of decades! These are cast iron guarantees. A POTS line has guarantees, enshrined in UK law, that mobile etc does not have. POTS is circuit switched (well it was) which means there is a physical path between the ends for the duration of the conversation.
So, by old school, I mean that you currently have important guarantees about telephony in the UK that will evaporate in future. In 2025 or so, we in the UK will have finished migrating from our old school POTS copper lines and will enjoy our smart new SoGEA lines instead. Single Order Generic Ethernet Access. Instead of an emulated circuit switched line we will use VoIP across the entire country. Nothing wrong with that but it probably won’t have the guarantees that POTS had.
Red Care is no more - BT have dropped it on the floor as of Feb this year which may indicate that things are not well with our future comms promises. The general system that Red Care was one product of is still available.
This is the important point: Promises (in law) that we used to be able to rely on for comms may (will) be binned.
I was thinking about getting a landline again (US) simply because VoIP and cellular all have issues with latency I find jarring.
I love Wireshark but I hate every day I have to open it up :D
I know what you mean. You’ve already read a load of log files on behalf of an “engineer” who seems incapable of doing it themself. You’ve also eliminated DNS and NTP and laughed at suggestions relating to SFC /SCANNOW. Then you roll up your sleeves and plug into the Matrix …
deleted by creator
This thread is about Wireshark, not WireGuard. Two different things.
What?
For the past week and a half of a networking fundamentals class I just finished Tuesday, we were learning the basics of Wireshark. So far the biggest problem I’ve found with it is that I couldn’t find a version for Linux so I could use it on my laptop (couldn’t get it to work on wine either).
Which distro do you use? Ubuntu, Debian, Arch and Gentoo have packages and I’ve no doubt that most others do too. On Linux you should not have to go to random websites and download stuff and faff around - use the built in distribution packages. If you are not sure what you’ve got try this at a command prompt and read the output:
$ cat /etc/os-release
As a last resort, you can run tcpdump on nearly anything and dump to .pcap, transfer that and then open that in Wireshark. Note that modern Windows has an OpenSSH client and server available so getting files around via scp is a doddle. Windows can even do NFS too and there is of course Samba - but CIFS/SMB can be tricksy.
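The remote-capture workflow described in the post above (a bounded tcpdump on the remote box, with the pcap pulled back for Wireshark), as an added example that is not part of the original thread. The host name, interface, passwordless sudo on the remote side and the SIP filter are assumptions.

```shell
#!/bin/sh
# Added example: bounded remote capture streamed over SSH for analysis in Wireshark.
# Assumptions: tcpdump and timeout exist on the remote host, the login user has
# passwordless sudo there, and the filter contains no single quotes.

# Build the remote command. The capture is limited by both wall-clock time and
# packet count, and is written to stdout (-w -) so no file is left on the device.
build_capture_cmd() {
    iface=$1; seconds=$2; max_packets=$3; filter=$4
    # "not port 22" keeps the SSH session that carries the capture out of the
    # capture; without it the capture feeds on its own traffic.
    printf "timeout %s tcpdump -i %s -nn -s 0 -U -c %s -w - '(%s) and not port 22'" \
        "$seconds" "$iface" "$max_packets" "$filter"
}

# Run the capture on the remote host and stream the pcap into a local file.
# Usage: remote_capture HOST OUTFILE IFACE SECONDS MAX_PACKETS FILTER
remote_capture() {
    host=$1; out=$2; shift 2
    cmd=$(build_capture_cmd "$@") || return 1
    ssh "$host" "sudo $cmd" > "$out"
}

# Check the first four bytes against the classic pcap magic numbers
# (microsecond and nanosecond variants, either byte order) before
# handing the file to Wireshark.
is_pcap() {
    magic=$(od -An -tx1 -N4 "$1" | tr -d ' \n')
    case $magic in
        d4c3b2a1|a1b2c3d4|4d3cb2a1|a1b23c4d) return 0 ;;
        *) return 1 ;;
    esac
}

# Example invocation (hypothetical host "fw.example.net", SIP signalling on UDP 5060):
#   remote_capture fw.example.net sip.pcap any 60 5000 'udp port 5060' \
#       && is_pcap sip.pcap && wireshark sip.pcap
```

If the time limit fires before the packet count is reached, `timeout` exits with status 124 and `ssh` passes that through, so a non-zero status from `remote_capture` does not by itself mean the file is unusable; `is_pcap` is the check to rely on.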
deleted by creator
There’s also a flatpak package for it. Wireshark On Flathub
I swear I have selective male blindness because I found it in the package manager for my distro after doing a quick search command.