[tnv : Frequently Asked Questions]
Why is packet capture not working on Mac OS X?
You must be running tnv as root, or change the permission of the capture device. Use chown to set your user as owner or chmod to give all users permission to /dev/bpf*. For example: sudo chmod go+r /dev/bpf*
You must be running tnv as root, or change the permission of the capture device. Use chown to set your user as owner or chmod to give all users permission to /dev/bpf*. For example: sudo chmod go+r /dev/bpf*
Why am I getting an Exception like java.lang.UnsatisfiedLinkError related to openOffline or lookupDevices?
These kind of exceptions are because the jpcap library is not loaded. jpcap is the java wrapper around the pcap/winpcap native library. This library needs to get loaded at startup using the java option: -Djava.library.path=<path-to-jpcap> You can accomplish this by running the tnv_startup.bat or tnv_startup.sh script that is included with the download (which includes pre-compiled jpcap libraries under the lib directory for Windows, Linux, Mac [ppc], and Mac [intel]).
These kind of exceptions are because the jpcap library is not loaded. jpcap is the java wrapper around the pcap/winpcap native library. This library needs to get loaded at startup using the java option: -Djava.library.path=<path-to-jpcap> You can accomplish this by running the tnv_startup.bat or tnv_startup.sh script that is included with the download (which includes pre-compiled jpcap libraries under the lib directory for Windows, Linux, Mac [ppc], and Mac [intel]).
Why am I getting an Exception java.lang.NoClassDefFoundError related to java.lang.Enum?
java.lang.Enum is a new feature in Java 5. You will need at least Java SE 1.5 or higher. To upgrade your version of Java, get the latest Sun JRE.
java.lang.Enum is a new feature in Java 5. You will need at least Java SE 1.5 or higher. To upgrade your version of Java, get the latest Sun JRE.
Why am I getting an Exception java.lang.NoClassDefFoundError related to /usr/lib/libgcj.so on Linux?
You are using the GCJ jre, which will not work - you need the Sun JRE. You may need to edit the startup script to specify the correct java binary.
You are using the GCJ jre, which will not work - you need the Sun JRE. You may need to edit the startup script to specify the correct java binary.
Why am I getting an error: Failed dependencies: libstdc++-libc6.2-2.so.3 is needed on Linux?
You need to install the rpm compat-libstdc++-##.
You need to install the rpm compat-libstdc++-##.
Why was tnv so slow on Windows?
For tooltips, it was trying to resolve IP addresses to host names using DNS. While this posed no problems on Linux and Mac, it caused extreme lags in Windows. This method has been removed in version 0.3.3 - so Windows performance is now comparable to other platforms.
For tooltips, it was trying to resolve IP addresses to host names using DNS. While this posed no problems on Linux and Mac, it caused extreme lags in Windows. This method has been removed in version 0.3.3 - so Windows performance is now comparable to other platforms.
How do I increase the amount of memory tnv will use?
Edit the tnv_startup.sh (Unix) or tnv_startup.bat (Windows) file, and increase as high as you can: -Xms512m -Xmx1024m (the first number is the minimum amount of MB to allocate, the second is the maximum). For a Mac OS X application, right click on the application and choose 'Show Package Contents' and open 'Contents'. Open the info.plist file and edit the values for 'VMOptions' under 'Java'.
Edit the tnv_startup.sh (Unix) or tnv_startup.bat (Windows) file, and increase as high as you can: -Xms512m -Xmx1024m (the first number is the minimum amount of MB to allocate, the second is the maximum). For a Mac OS X application, right click on the application and choose 'Show Package Contents' and open 'Contents'. Open the info.plist file and edit the values for 'VMOptions' under 'Java'.
Where can I get sample data to test tnv?
- The Honeynet Project has many data sets available at: http://www.honeynet.org/scans/
- Sample data files are also available from the Ethereal Community at: http://wiki.ethereal.com/SampleCaptures
- Larger data sets from the MIT Lincoln Laboratory ID Evaluation are available at: http://www.ll.mit.edu/IST/ideval/data/data_index.html.
- In addition to being able to open saved tcpdump (pcap) data files, tnv can capture packets in real time.
