Page 12 of 12

Re: Envisalink - TPI Documentation

Posted: Tue Jan 29, 2019 8:47 pm
by lonewolf
With only SSH access,

Code: Select all

tcpdump -p -n -i <interface> -X -s0 -w capturefile.pcap host <ip address>
is my go-to, and then just scp/rsync the capturefile.pcap file to your computer and open in Wireshark.

Yeah, it's almost certainly the re-use of the source port which is causing it. Since the EVL never dropped the connection, seeing a SYN on what it considers an already established connection is confusing it. I don't think this is specific to the EVL/TPI, I'd expect a hung connection as a possibility on any TCP server this happens to.

Re: Envisalink - TPI Documentation

Posted: Wed Dec 04, 2019 9:11 am
by cmh31909
Have there been any updated documents released? The only one's I can find are in this thread which is dated 2012, seven years old.

Re: Envisalink - TPI Documentation

Posted: Wed Dec 04, 2019 10:30 pm
by lonewolf
cmh31909 wrote:Have there been any updated documents released? The only one's I can find are in this thread which is dated 2012, seven years old.

? Both of the PDFs in the first post of this thread are dated 2017-02-10.