Cover V08, I09
Article
Figure 1
Figure 2
Figure 3

sep99.tar

Figure 1: Output from Case Study #1

ss012# snoop host fs11 and port nfs 
Using device /dev/hme (promiscuous mode)
ss012 -> fs11 NFS_ACL C GETACL3 FH=1E05 mask=10
fs11 -> ss012 RPC R (#1) XID=3026745960 Program unavailable
ss012 -> fs11 NFS C ACCESS3 FH=1E05 (read)
fs11 -> ss012 NFS R ACCESS3 OK (read)
ss012 -> fs11 NFS C READDIRPLUS3 FH=1E05 Cookie=0 for 1048/8192
fs11 -> ss012 TCP D=747 S=2049     Ack=2823096615 Seq=1427241386 Len=0 Win=24576
ss012 -> fs11 NFS C READDIRPLUS3 FH=1E05 Cookie=0 for 1048/8192 (retransmit)
fs11 -> ss012 NFS R READDIRPLUS3 OK 4+ entries (incomplete)
ss012 -> fs11 TCP D=2049 S=747     Ack=1427241898 Seq=2823096787 Len=0 Win=9216
fs11 -> ss012 TCP D=747 S=2049     Ack=2823096787

 

© 2000 CMP Media Inc. All Rights Reserved.
www.samag.com