|
|
This page is part of the GENIUS project.
Equipment used for capturing traffic
Packet Sniffing Computer (Sniffer Box)
Sniffer Box Details 26/06/02 - 05/07/02
Brand: Compaq
Model: EVO D500
CPU: Pentium 4 1.6MHz
RAM: 256Mb
OS: FreeBSD 4.5Ethernet Port Details (fxp0)
Brand: Intel
Model: Pro/100 Ethernet
Ethernet address: 00:08:02:3B:5B:74Sniffer Box Details 11/07/02 -
Brand: Intel
Model: CA810E Desktop Board
CPU: Celeron 600MHz
RAM: 128Mb
OS: FreeBSD 4.6Ethernet Port Details (fxp0)
Brand: Intel
Model: Pro 10/100B/100+ Ethernet
Ethernet address: 00:03:47:06:DC:BDTcpdump and Pkthisto 0.1.3 software running on Packet Sniffing Computer
Microsoft Xboxes use the following addressing for packets:
Pkthisto 0.1.2 only analyses UDP/IP flows. A small modification was made to allow pkthisto to differentiate Ethernet-level flows using the Ethernet MAC addresses rather than UDP port and IP address information.
- MAC address with the vendor code 00:50:F2
- In-game IP address of 0.0.0.1
- UDP port number: 3074
Calibration of Sniffer Boxes' Ethernet Port
Calibration was performed for both Sniffer Boxes' Ethernet port used for traffic capturing using a NetCom Systems SMARTBITS2000 with a SX-7 410B line card.
The SmartBits 2000 was configured to send long (500 and 1000 packet) bursts of back-to-back packets to each sniffer computer, with intervals ranging from 12.5usec to 50msec. We found that both computers were capable of timestamping to less than ten microseconds accuracy, even when subjected to bursts of 1000 packets spaced tens of microseconds apart. This was considered sufficient accuracy for our first Xbox analysis (where we are discussing intervals to the nearest millisecond).
© Swinburne Copyright and disclaimer Privacy Feedback
Last Updated: Tuesday 10-Sep-2002 11:13:37 AEST URL: Maintained by: Grenville Armitage garmitage@groupwise.swin.edu.au Authorised by: Grenville Armitage garmitage@swin.edu.au