Envisalink - TPI Documentation

Information and support for EnvisaLink modules.

Moderators: EyezOnRich, GrandWizard

lonewolf
Posts: 23
Joined: Mon Aug 04, 2014 6:03 am

Re: Envisalink - TPI Documentation

Post by lonewolf »

With only SSH access,

Code: Select all

tcpdump -p -n -i <interface> -X -s0 -w capturefile.pcap host <ip address>
is my go-to, and then just scp/rsync the capturefile.pcap file to your computer and open in Wireshark.

Yeah, it's almost certainly the re-use of the source port which is causing it. Since the EVL never dropped the connection, seeing a SYN on what it considers an already established connection is confusing it. I don't think this is specific to the EVL/TPI, I'd expect a hung connection as a possibility on any TCP server this happens to.
cmh31909
Posts: 2
Joined: Tue Dec 03, 2019 1:53 pm

Re: Envisalink - TPI Documentation

Post by cmh31909 »

Have there been any updated documents released? The only one's I can find are in this thread which is dated 2012, seven years old.
lonewolf
Posts: 23
Joined: Mon Aug 04, 2014 6:03 am

Re: Envisalink - TPI Documentation

Post by lonewolf »

cmh31909 wrote:Have there been any updated documents released? The only one's I can find are in this thread which is dated 2012, seven years old.
? Both of the PDFs in the first post of this thread are dated 2017-02-10.
Post Reply