Sniffing vlan without using monitor session

Similar Messages

• Hwic 4esw monitor Session

  Currently running a hwic 4esw module in a 2800 series router and we are using websense so I’m trying to use Monitor session to mirror the traffic over for websense to see. The only problem is that the route locks up every week and doesn’t allow any traffic out. Any ideas?

  I need some clarifications from your side to help you out with the problem.Are you able to normally ping the Websense server from the PIX? .When the problem occurs are you able to ping the websense server from the PIX?. Is the PIX reachable from the rest of the network when the problem occurs?
  Send me these details so that I can help you further.

• I have an Apple Powerbook G4, and my monitor doesn't function. I have an external display Monitor, however it's stuck in extended screen mode. How do I get it to mirror or duplicate the display without use of the on-board?

  As i had said, I have an Apple Powerbook G4, and my monitor doesn't function. I have an external display Monitor, however it's stuck in extended screen mode. How do I get it to mirror or duplicate the display without use of the on-board? Is there a Fn key combo i'm missing or is the issue more serious then i realize? any and all help and hints would be greatly apprichiated, thanks in advance.
  -Powerbook User

  The PowerBooks have an F-key that toggles mirrored and extended mode. My PB is loaned out right now but I think it was f7. The keycap has an icon on two overlapping rectangles, as I recall.
  EDIT: Yes! Found a pdf of the PB manual it shows F7 is the toggle:

• How to save the session states for a tabular form WITHOUT using check boxs?

  Greeting guys,
  As you know that we can use collections to save the session states of a tabular forms, described in the how-to doc of manual tabular forms. However, what I am trying to do ( or have to do) is to provide a manual tabular form, and save the session states for validation, without using the check boxes. Because a user can put contents into some columns in a row without checking the corresponding checkbox, according to the requirements. So basically what I tried is to loop over all the rows and save Every entry into a collection. However, sometimes I got "no data found" error with unknown reasons.
  My current solution is to use the "dirty" Retry button that gets back the history, which IMO is not a good workabout. So, I'd appreciate if somebody can shed some light on a better solution, especially if it is close to the one in that how-to doc.
  Thanks in advance.
  Luc

  The following is the first collection solutin I've tried:
  htmldb_collection.create_or_truncate_collection('TEMP_TABLE');
  for i in 1..p_row_num loop -- Loop on the whole form rows
  if (htmldb_application.g_f01(i) is not null) or (htmldb_application.g_f05(i) <> 0)
  --If either of them has some input values, the row should be saved into the colleciton.
  then
  htmldb_collection.add_member(
  p_collection_name => 'TEMP_TABLE',
  p_c001 => htmldb_application.g_f01(i),
  p_c002 => htmldb_application.g_f03(i),
  p_c003 => htmldb_application.g_f04(i),
  p_c004 => htmldb_application.g_f05(i),
  p_c005 => htmldb_application.g_f06(i),
  p_c006 => htmldb_application.g_f08(i)
  end if;
  end loop;
  Some of columns have null values, but I don't think that's the reason. Because once I clicked all the check boxes, there would be no error no matter what values were in other columns.
  Another issue would be extract the values FROM the collection, which has been tried because I had problem to store the data into the collection. I used "decode" functions inside the SQL to build the tabular form. I am not sure whether it will be the same as a regular SQL for a tabular form, like the example in the How-to doc.
  Also I didn't use the checksum, for it is not an issue at the current stage. I am not sure whether that's the reason which caused the NO DATA FOUND error.

• Options to monitor a PC without using SCOM?

  How can I monitor a scheduled job on a PC without using SCOM. We have a request to monitor some scheduled jobs on some PCs, but we don't want to use SCOM to monitor individual PCs.
  Can I use PowerShell or anything else to accomplish this task?
  Thanks.
   

  You may use following vbscript
  set Service =CreateObject("schedule.service")
  'computer1 is the computer name which you want to monitor schedule job an without scom agent
  computername="computer1"
  call Service.Connect(computername)
  dim rootFolder
  set rootFolder = Service.GetFolder("\")
  dim taskCollection
  set taskCollection = rootFolder.getTasks(0)
  dim result
  dim TaskName
  result="OK"
  TaskName=""
  if taskCollection.count > 0 then
       dim registeredTask
           for each registeredTask in taskCollection
                if registeredTask.LastTaskResult = 1 then
                     result="NOT OK"
                    TaskName = TaskName  &  registeredTask.Name & ", "
                end if
            next
  end if
  if result="OK" then
     msgbox "All schedule task in " & computername & " run successfully"
  else
     msgbox "The following tasks run unsuccessful in computer " &  computername & vblf & left(TaskName, len(taskName)-1)
  end if
  Roger

• How to call session directly in bdc without using SM35

  how to call session directly in bdc without using SM35

  HI
  good
  you r using the sm35 to see the session for calling teh session in your report
  ATA:   messtab LIKE bdcmsgcoll OCCURS 0 WITH HEADER LINE ,
  c_session  LIKE   apqi-groupid VALUE 'Z3PL_CUST' ,
  c_job      LIKE   tbtcjob-jobname VALUE 'Z3PL_JOB_CUST' ,
  c_flag     TYPE    c VALUE 'X'  ,
  g_qid      TYPE apqi-qid      .
  thanks
  mrutyun

• How to create session and end the session in atg without using ootb

  can anyone send the code for creating session(Login) and ending(Logout) session in atg without using ootb.
  thankyou!

  It is plain simple and is plain old request.getSession(false) and then invalidate the session , but why do you want to do it separately . ATG works behind scenes to associate lot of attributes to the session when log in happens and then deassociates them when log out happens , SessionManager component is also helpful in security , can you state why exactly would you want to do it?

• Monitoring sessions invoked by a user SQL Developer

  Hello Everyone ,
  I am a DBA and lot of developers use SQL Developer for their tasks. Off late we have been facing few issues with SQL Developer.
  Developers close the working session by "alt+f4" and strangely their sessions are active in the DB's. What is the cause for this ?
  Rollback of DML statements takes hours for statements submitted by SQL Developer.
  Does OCI driver help in any way ?
  Is there any way that I can allow individual users to monitor their sessions in SQL Developer?
  Suppose a user connects with a generic application username "xyz" , can I allow the user "xyz"  to monitor sessions invoked by him and also provide him privileges to kill his/her own session.
  We are facing lot of performance issues , so help in this regard would be highly appreciated.
  Even pointing me towards appropriate documentation would do.
  Thanks in anticipation.

  1006957 wrote:
  I am a DBA and lot of developers use SQL Developer for their tasks. Off late we have been facing few issues with SQL Developer.
  Developers close the working session by "alt+f4" and strangely their sessions are active in the DB's. What is the cause for this ?
  Rollback of DML statements takes hours for statements submitted by SQL Developer.
  Does OCI driver help in any way ?
  Is there any way that I can allow individual users to monitor their sessions in SQL Developer?
  Suppose a user connects with a generic application username "xyz" , can I allow the user "xyz"  to monitor sessions invoked by him and also provide him privileges to kill his/her own session.
  We are facing lot of performance issues , so help in this regard would be highly appreciated.
  Even pointing me towards appropriate documentation would do.
  Once the DB begins work on a task it will continue that work until: 1) the work is complete, 2) an exception occurs or 3) it discovers that the client is no longer there.
  If you begin a transaction (complex query, sorts, etc) that is lengthy it may be a while before the DB even tries to communicate with the client. Then all of that work must be rolled back and the rollback (e.g. for an update or delete) can take much longer than the query took to begin with. That is just the way Oracle works.
  If a user connects as "xyz" then the only 'sessions invoked by him' are that ONE session. Any other user might also create a session by connecting as "xyz"; Oracle has no way of knowing if ALL sessions connecting as "xyz" belong to the same person or not.
  The ALTER SYSTEM privilege must be granted to allow someone to 'kill his/her own session' but that privilege would allow them to kill any other session, including system sessions.
  You could write a procedure to try to control the privilige, as in the following thread, but that also has risks:
  https://forums.oracle.com/thread/256935
  It is a DBA responsibility to control sessions, not the developers. You should NOT give this ability to the developers IMHO. If your developers are abusing your system it indicates that they need more training in how to prevent runaway queries. A common cause of the problem you describe is when a developer submits a query and then thinks they can just cancel it and start over and they DO NOT UNDERSTAND the first statement I made above: Oracle will keep working.
  The proper solution to your problem is to begin logging your developer's requests for session termination so that you can properly monitor the problem and detect developers that need additional instruction or mentoring to keep the problem from happening. Although anyone, even experts, can accidentally let a query get out of control, your problem doesn't occur very frequently for experienced developers.
  The DISCONNECT option only politely requests Oracle to terminate the session so it make take considerable time to clean everything up.
  If you really need to terminate the session you need to use DISCONNECT IMMEDIATE. See the disconnect session clause of alter system in the sql language doc
  http://docs.oracle.com/cd/B28359_01/server.111/b28286/statements_2013.htm#sthref4725
  {quote}
  DISCONNECT SESSION Clause
  Use the DISCONNECT SESSION clause to disconnect the current session by destroying the dedicated server process (or virtual circuit if the connection was made by way of a Shared Sever). To use this clause, your instance must have the database open. You must identify the session with both of the following values from the V$SESSION view:
    For integer1, specify the value of the SID column.
    For integer2, specify the value of the SERIAL# column.
  If system parameters are appropriately configured, then application failover will take effect.
    The POST_TRANSACTION setting allows ongoing transactions to complete before the session is disconnected. If the session has no ongoing transactions, then this clause has the same effect described for as KILL SESSION.
    The IMMEDIATE setting disconnects the session and recovers the entire session state immediately, without waiting for ongoing transactions to complete.  If you also specify POST_TRANSACTION and the session has ongoing transactions, then the IMMEDIATE keyword is ignored.
    If you do not specify POST_TRANSACTION, or you specify POST_TRANSACTION but the session has no ongoing transactions, then this clause has the same effect as described for KILL SESSION IMMEDIATE.
  {quote}

• How to do Indepth table analysis without using any tool

  Is there anyway of indepth analysis of tables of a database without using any tool, i.e. by means of sql's, pl/sql's only.
  My database has around 800 main tables which have several other related relational tables(objects relating 2 tables on basis of OTO, OTM, MTO, MTM object relationship) and several dependent views(made from among the 800 base table only).
  Currently database is indexed, has joins and views, all in working scenario but yet do not gauranty consistent behaviour.
  My sole purpose is to analyse all main tables (around 800 of them) in my database by running scripts and prompt errors, warnings, exceptions wherever table needs indexing or change of joins(eg - from cross to inner,etc. ) or check inorder to avoid table full scan for related relational tables and dependent views.
  My databse is Oracle10g.
  Please do revert for any doubts.

  My sole purpose is to analyse all main tables (around 800 of them) in my database by running scripts and prompt errors, warnings, exceptions wherever table needs indexing or change of joins(eg - from cross to inner,etc. ) or check inorder to avoid table full scan for related relational tables and dependent views.There are no tools which can tell whether your table needs indexing or whether you need to change joins methods, by just looking at your database. At most, you can get an idea about the missing indexes in case of a parent-child relation. Everything else, falls under application tuning - which involves sql tracing, profiling etc.
  If you cannot trace individual sessions, then you are better off monitoring the database with statspack/AWR (if licensed). Generate reports at frequent intervals, look at the resource consuming SQLs and have a discussion with dev team to fix them, whenever possible.
  EM can also be used for SQL analysis.

• 2950C Unable to ping destination port in monitor session

  I have 2 Pix firewalls and a web filtering server running Surfcontrol. In order for Surfcontrol to filter web usage it has to see the traffic being sent to the firewall's. I have created a monitor session and have used the firewall ports as the source with transmit and receive, and the web filter server as the destination. However when I do this I am not able to ping the web filter server. The web filter is unable to function ie block websites based on the rules that we have setup if the destination port is unable to send packets to internal workstations.
  Is there anything I can do to allow the destination port to be able to send packets to internal workstations ??

  Hi Frined,
  When you configure SPAN destination port , that port will just work as a monitoring port and will not work for general network traffic.
  If you do " sh int" you will see line protocol down (monitoring)
  Now if you want that port to monitor as well as take part into normal network also you have to enable ingress traffic on the destination port
  "monitor session session_number destination interface interface-id [ingress vlan vlan id]"
  Check this link for more details
  http://www.cisco.com/univercd/cc/td/doc/product/lan/cat2950/12119ea1/2950scg/swspan.htm#1218090
  HTH
  Ankur

• Can I 'monitor session' trunk ports to a Cisco IDS?

  I ran across an existing config that has two trunk ports on a 3560 being port monitored to another port which is plugged in to a port on an ids 4515. Will the IDS be able to interpret that trunk traffic? The customer is complaining that they aren't able to see events on a local network (VLAN 1) and this is suppose to be the port they get that traffic from.
  Not sure why they chose to monitor trunk ports and I'm not sure it's even possible. I want to change the monitored port to some other local VLAN port that makes sense.
  Here are the existing lines:
  interface G0/47
  switchport turn encap dot1q
  switchport mode trunk
  interface G0/48
  switchport turn encap dot1q
  switchport mode trunk
  monitor session 2 source interface Gi0/47 - 48
  monitor session 2 destination interface Gi0/20
  ...port 20 goes to the ids.

  There are 3 modes of sensing supported on the sensors: promiscuous, inline interface pair, and inline vlan pair.
  Each mode interacts with vlan headers slightly differently.
  Promiscuous:
  A promiscuous sensor is fully capable of analyzing 802.1q trunk packets. The vlan will also be reported in any alerts generated.
  The trick when monitoring using a trunk is to ensure the span (or vacl capture) configuration is correct on the switch to get the packets you are expecting.
  Many types of switches have special caveats when a trunk is a source or destination port in the span.
  We also even support Vlan Group subinterfaces on the promiscuous interface.
  This allows sets of vlans on the same monitoring port to be monitored by different virtual sensors.
  So you could take vlans 1-10 and monitor with vs0, and then take vlans 11-20 and monitor with vs1, etc....
  However, to use this feature the switch must be very consistent in how packets are sent to the sensor. When monitoring a connection the sensor needs to see both client and server traffic. And when using Vlan Groups the sensor needs to see the client and server traffic ON THE SAME VLAN. It is this on the same vlan requirement that is not always possible with some span configurations when the switch itself is routing between vlans. Most switches are deployed with routing between vlans by the switch, and so in many cases you won't see the client and server traffic on the same vlans. This is very switch code dependant so you would need to do some research on your specific switch.
  Inline Interface Pair:
  With an inline interface you are pairing 2 physical interfaces together. A common deployment is to place the inline interface pair in the middle of an existing 802.1q trunk port. Interface 1 would be plugged into the switch, and interface 2 plugged into the other switch or other type of device (like router or firewall).
  In this setup the sensor is fully capable of monitoring these packets with 802.1q headers.
  However, there is something to keep in mind in these deployments. Often that other device (router, firewall, or switch) will route packets between vlans. So a packet going through the sensor on vlan 10 could be routed right back through the sensor again on vlan 20. Seeing the same packet again can cause TCP tracking confusion on the sensor (especially when the other device is doing small modifications to the packet like sequence number randomization).
  To address these we have 2 features.
  On InLine Interface Pairs we have the same Vlan Group feature as I discussed above in Promiscuous mode. (Do not confuse Vlan Groups with InLine Vlan Pairs discussed later in this response).
  So with Vlan Groups you could separate the vlans across virtual sensors. So if the packet gets routed back into the sensor you could configure it so that packet gets monitored by a separate virtual sensor and it will prevent the sensor confusion with state tracking.
  However, there will still be some situations where the packet may still need to cross the same virtual sensor twice. For this deployment scenario we have a configuration setting where you can tell the sensor to track tcp sessions uniquely per vlan. So long as the return packet is on a different vlan this should prevent the tcp tracking confusion. BUT there is a bug this code right now. It should be fixed in an upcoming service pack. The workaround is to go ahead and create a unique Vlan Group for each vlan (one vlan per group instead of multiple vlans in a group), and assign all of the Vlan Groups to the virtual sensor(s).
  And then you InLine Vlan Pairs:
  With InLine Vlan Pairs the monitoring interface Must be an 802.1q trunk port.
  Instead taking packets in one interface and passing to the next interface, the sensor actually takes packets in on one vlan and then sends it back on the other vlan of the pair on the same interface. It does this by modifying the vlan number in the 802.1q header.

• How can I publish an App to a selceted group of people without using the Adobe Contetn Viewer?

  How can I publish an App to a selected group of people ( not via App Store) without using the Adobe Content Viewer?
  The App was developed with InDesign 6.0

  You'd have to sign up for an Apple Developer account and then gather all the UDID's (Apple limits this to only 100 devices) that you want your app to be installed on. Create your mobile provisioning profiles to include these ID's and then you could use TestFlight to push out your app and monitor who has installed it. Of course Testflight is intended for monitoring your apps performance but I'm sure you can get away with it if you use it to push you app. One thing to keep in mind is the mobile provisoning profiles are only valid for 1 year. Hope this helps.

• Monitor Sessions can't see most sessions?

  Symptom: Session Monitor nearly always displays “No text available” for a session’s current statement.
  Diagnosis:
  1.     I can’t see SQL for most sessions, even if I login as user SYS with the SYSDBA privilege.
  2.     Manual says:
  Monitor Sessions: Displays the status of one or more sessions, using information from the V$RSRC_SESSION_INFO view, which shows how the session has been affected by the Oracle Database Resource Manager.
  3.     When connected as system, I can select from the table Session Monitor uses, both on the server and via SQL Developer:
  SQL> select count(*) from V$RSRC_SESSION_INFO;
  50
  4.     In comparison, TOAD can display SQL for any user if I connect as user system . Run side by side, TOAD displays SQL for sessions that SQL Developer won’t display.

  Might be that TOAD displays the last executed statement rather than sqldev's current executing statement?
  K.

• Problem with File RFC File scenario without using BPM

  Hi all,
    I am trying a File RFC File scenario without using BPM with the help of the following thread:
  File - RFC - File without a BPM - Possible from SP 19.
    The XI system is PI 7.0 sp 12. When I am trying to acheive the above scenario, I am getting wierd results i.e., when I observe in SXI_MONITOR, the message is showing as processed successfully, but when I watch the message status in communication channel monitoring, I am getting the following error:
  "Attempt to process file failed with com.sap.aii.af.service.cpa.CPAException: Couldn't retrieve inbound binding for the given P/S/A values: FP=;TP=;FS=DEV120;TS=Test_Service;AN=MI_Invoice;ANS=urn:sap.com:test;"
  I am not able to understand what the problem is. By the way, one more thing, is, I have kept the File processing mode as "Delete" in the sender file adapter. But the file is not getting deleted. I think the reason could be because of the above error.
  Can any body help me out in getting my problem resolved?
  Thanks,
  Adithya K

  CPA Cache Refresh from the Adapter Engine To trigger a cache refresh from the individual Adapter Framework, open a browser window and enter the following
  URL: http://<host>:<port>/CPACache/refresh?mode=<b>delta|full</b>
  The Monitoring url is like this: http://<host>:<port>/CPACache
  Thanks & Regards,
  Farooq.

• 2 Displays without using Mac Mini's thunderbolt connection?

  is it possible to connect to monitors without using the thunderbolt connection.
  I want to keep the thunderbolt connection for a fast external hard drive in the future.
  If it's not possible do you think it will be possible with the new 2013 Mini when it arrives?

  No
  see > Apple - Thunderbolt: Next-generation high-speed I/O technology.