Tag: wireshark

Zabbix 7.0 Proxy Load Balancing

One of the new features in Zabbix 7.0 LTS is proxy load balancing. As the documentation says: Proxy load balancing allows monitoring hosts by a proxy group with automated distribution of hosts between proxies and high proxy availability. If one proxy from the proxy group goes offline, its hosts will be immediately distributed among other […]

Capturing Packets on Windows with Packet Monitor (Pktmon)

As https://learn.microsoft.com/en-us/windows-server/networking/technologies/pktmon/pktmon puts it: Packet Monitor (Pktmon) is an in-box, cross-component network diagnostics tool for Windows. It can be used for packet capture, packet drop detection, packet filtering and counting. Nice thing about it is that it is present by default on all modern Windows versions, so you can do a quick packet capture when […]

Zabbix Active Agent Autoregistration

Let’s see how the Zabbix active agent autoregistration works in the communication. I have configured the Zabbix agent (version 6.2.3) on the Linux host at 192.168.7.17 with this configuration: ServerActive=192.168.7.15 Hostname=Test-agent After restarting the agent, the Zabbix server (version 6.2.3) at 192.168.7.15 logged immediately in /var/log/zabbix/zabbix_server.log: cannot send list of active checks to “192.168.7.17”: host […]

Customizing Wireshark Settings

I’ve done countless troubleshooting sessions so that I’m having Wireshark open with a relevant capture file and either I’m showing my findings to the other participants or doing straight up live packet analysis. Sometimes the sessions are followed up with questions about how did I actually have Wireshark configured because it looked different on their […]

LDAPS Problem: Can’t contact LDAP server (-1)

LDAP authentication problem in the customer environment: The error message was received right after entering the password. Tshark says: 1 0.000000000 192.168.99.200 → 10.10.10.10 TCP 74 44780 → 3269 [SYN] Seq=0 Win=64240 Len=0 MSS=1460 SACK_PERM=1 TSval=2891116193 TSecr=0 WS=128 2 0.001225814 10.10.10.10 → 192.168.99.200 TCP 74 3269 → 44780 [SYN, ACK] Seq=0 Ack=1 Win=8192 Len=0 MSS=1460 […]