On Tue, Nov 05, 2002 at 08:23:58AM -0800, Nate McFeters wrote:
> I have a java rmi program that sends passwords in encrypted and
> unencrypted form over the network. I'm currently just connecting from
> to seperate command prompts on my local machine. I start Ethereal and
> it can capture other packets, but it never captures the rmi packets.
I.e., the sending and receiving processes are on the same machine?
If so, on what OS is this running?
On UNIX systems, IP traffic from a machine to itself is normally
transmitted on an internal "loopback interface", not over a real network
interface. In order to see that traffic, you'd have to capture on the
machine's loopback interface - typically called "lo0" or "lo";
unfortunately, you can't do that on some OSes, such as Solaris. (See
http://www.ethereal.com/media.html
for full details.)
On Windows systems, there is no standard "loopback interface"; traffic
from the machine to itself is wrapped around somewhere in the networking
stack, and doesn't show up on any network interfaces. (There's an
add-on "Microsoft Loopback Interface" for Windows 2000, but that's not
what's used, by default, for loopback traffic - and nobody has reported
success in capturing traffic over that interface.)