[jcifs] jcifs and packet monitoring
Mohan Radhakrishnan
mohanr at fss.co.in
Sun Feb 27 22:52:42 MST 2011
Hi,
Due to PCI regulations and data center restrictions Wireshark is not allowed. This code spits out enormous amounts of packet information and cannot be selectively set for a particular share access.
That is the problem. I think I need a packet guide to decipher this !!
As far as the security auditing is concerned the Windows admin. is quite uncooperative :-(
/*
* Set the JCIFS logs level. This is enabled as a -D switch
* so that a log file is generated. This file contains low-level packet
* details of a shared folder access.
*/
private void setJcifsLogLevel() throws FileNotFoundException{
PrintStream ps = new PrintStream( new File( "jcifslog" ));
jcifs.util.LogStream.setInstance( ps );
}
Thanks,
Mohan
-----Original Message-----
From: Michael B Allen [mailto:ioplex at gmail.com]
Sent: Friday, February 25, 2011 11:30 PM
To: Mohan Radhakrishnan
Cc: jcifs at lists.samba.org
Subject: Re: [jcifs] jcifs and packet monitoring
Hi Mohan,
WireShark is a very good network capture / analysis tool.
But if you are getting an Access denied, you should try posting a
stack trace to the list and explain the conditions under which it
occurs. It is very unusual for that sort of thing to happen
sporadically as you describe but I would have to understand what your
code is doing to give even make a wild guess as to what the problem
might be.
Mike
--
Michael B Allen
Java Active Directory Integration
http://www.ioplex.com/
On Wed, Feb 23, 2011 at 1:41 AM, Mohan Radhakrishnan <mohanr at fss.co.in> wrote:
> Hi,
> I came across this link http://support.microsoft.com/kb/300549 about
> security auditing to trace CIFS failures.
>
> What type of Windows Packet monitors are recommended to trace 'Access
> denied' errors ? These errors appear and vanish frequently seemingly
> without any reason.
>
> We used to think that the login into the domain controller is being
> rejected due to load and then accepted.
>
> I am aware of the debug option and wireshark but this is our prod.
> Systems. So we don't want to use it.
>
> Thanks,
> Mohan
>
More information about the jCIFS
mailing list