Important Notice: Our web hosting provider recently started charging us for additional visits, which was unexpected. In response, we're seeking donations. Depending on the situation, we may explore different monetization options for our Community and Expert Contributors. It's crucial to provide more returns for their expertise and offer more Expert Validated Answers or AI Validated Answers. Learn more about our hosting issue here.

Where does the Network Monitor Agent (Netmon) place itself in the IP Stack?

agent IP monitor netmon Network stack
0
Posted

Where does the Network Monitor Agent (Netmon) place itself in the IP Stack?

0 CommentsAdd a Comment

1 Answer

0

If you use Microsoft’s Netmon product for packet sniffing, it must run from a system which does not have Intel Packet Protect enabled. If Netmon is running on a system with Intel Packet Protect enabled, you will see the following: • Netmon will not see any ESP/AH packets among other peers. It does see IKE packets. • All ICMP packets to or from self (where Netmon runs) are clear. These packets are actually encrypted on the wire. So, to correctly collect sniffing packets, Netmon must be running from a third system which has IPSec disabled.

0 CommentsAdd a Comment

Related Questions

What is your question?

*Sadly, we had to bring back ads too. Hopefully more targeted.

Experts123