Centre closure

This page is part of the GENIUS project.

Equipment used for capturing traffic

Packet Sniffing Computer (Sniffer Box)

Sniffer Box Details 26/06/02 - 05/07/02 Brand: Compaq Model: EVO D500 CPU: Pentium 4 1.6MHz RAM: 256Mb OS: FreeBSD 4.5 Ethernet Port Details (fxp0) Brand: Intel Model: Pro/100 Ethernet Ethernet address: 00:08:02:3B:5B:74

Sniffer Box Details 11/07/02 - Brand: Intel Model: CA810E Desktop Board CPU: Celeron 600MHz RAM: 128Mb OS: FreeBSD 4.6 Ethernet Port Details (fxp0) Brand: Intel Model: Pro 10/100B/100+ Ethernet Ethernet address: 00:03:47:06:DC:BD

Tcpdump and Pkthisto 0.1.3 software running on Packet Sniffing Computer

Microsoft Xboxes use the following addressing for packets:

• MAC address with the vendor code 00:50:F2
• In-game IP address of 0.0.0.1
• UDP port number: 3074

Pkthisto 0.1.2 only analyses UDP/IP flows. A small modification was made to allow pkthisto to differentiate Ethernet-level flows using the Ethernet MAC addresses rather than UDP port and IP address information.

Calibration of Sniffer Boxes' Ethernet Port

Calibration was performed for both Sniffer Boxes' Ethernet port used for traffic capturing using a NetCom Systems SMARTBITS2000 with a SX-7 410B line card.

The SmartBits 2000 was configured to send long (500 and 1000 packet) bursts of back-to-back packets to each sniffer computer, with intervals ranging from 12.5usec to 50msec. We found that both computers were capable of timestamping to less than ten microseconds accuracy, even when subjected to bursts of 1000 packets spaced tens of microseconds apart. This was considered sufficient accuracy for our first Xbox analysis (where we are discussing intervals to the nearest millisecond).

---

 

© Swinburne Copyright and disclaimer Privacy Feedback Last Updated: Tuesday 10-Sep-2002 11:13:37 AEST URL: Maintained by: Grenville Armitage garmitage@groupwise.swin.edu.au Authorised by: Grenville Armitage garmitage@swin.edu.au