OmniPeek Support

Remote TCP Dump adapter 5.0.0.1

michael.frank@emcontechno
Posts: 2
Joined: Mon Jun 16, 2008 1:55 am

Remote TCP Dump adapter 5.0.0.1

Postby michael.frank@emcontechno » Mon Jun 16, 2008 2:12 am

I tried the Remote TCPDump adapter 5.0.0.1 with Omnipeek 5.1 and ran in to several problems.
I get a exception code 0x...5 at location 0x0b9d12ee read from memory location 0x0000000000 during add the adapter. Afterwards the TCPDump module is disabled. If I reenable it the adapter is shown.
I could synchronize the interfaces with Nokia Firewall but I get no connection with OpenSuSe 10.3
If I start a capture with Nokia Firewall the hole windows hang´s. I have to kill Omnipeek.

I used Remote TCPDUmp adapter with Etherpeek a while ago without really having problems

bryan_pfg
Posts: 3
Joined: Mon Jun 16, 2008 11:57 am

issues with Remote TCPAdapter

Postby bryan_pfg » Mon Jun 16, 2008 12:01 pm

We are having issues with Remote as well, though I can't assist you with the memory errors or corruption.

We are having issues logging in with a username other than 'root', even with completing all paths in the FAQ.

Has anyone had any luck with the SUDOERS or executing other than root? We can get it to open TCPDump with entering our root password upon initial authentication through OmniPeek. We cannot open if we put in a user/pass combination with SUDO rights.

I CAN run tcpdump with my user rights via sudo /etc/sbin/tcpdump, just cannot connect to it remotely.

michael.frank@emcontechno
Posts: 2
Joined: Mon Jun 16, 2008 1:55 am

Postby michael.frank@emcontechno » Mon Jun 16, 2008 10:51 pm

With OpenSuSe I tried root as well w.o. luck

Spacepacket
Posts: 78
Joined: Thu May 22, 2008 9:36 am

Remote TCP Dump adapter 5.0.0.1

Postby Spacepacket » Wed Aug 06, 2008 8:16 am

One of our users has had success by doing the following:

----------------------------------------------------
Allow Remote TCPDump Adapter to SUDO
----------------------------------------------------

Log in to the Linux computer at the console or via SSH, as root or a user with admin privileges.

On many (most?) systems, SUDO, by default, is configured to only allow execution from within an /etc/termcap defined terminal (TTY).

To allow non-tty execution, you want to comment out the line that forces the TTY requirement.

The command is "visudo", which will launch the default editor on your system ( usually vi ). Once you're in the editor, find the line that says:

Defaults requiretty

...and put a hash mark '#'at the beginning of it and then save the file. It should now look like this:

#Defaults requiretty

That's it. You're done. Remote TCPDump adapter should now work with a properly optioned sudo account as well as the root account.

bryan_pfg
Posts: 3
Joined: Mon Jun 16, 2008 11:57 am

Postby bryan_pfg » Mon Sep 29, 2008 2:04 pm

we finally got this to work too. Thanks for the help.


Return to “OmniPeek Support”

Who is online

Users browsing this forum: No registered users and 2 guests