Bugtraq mailing list archives
Re: Packet Tracing (linux klog patch)
From: abial () WEBGIRO COM (Andrzej Bialecki)
Date: Tue, 15 Feb 2000 23:32:08 +0100
On Sat, 12 Feb 2000, Dragos Ruiu wrote:
> How to use it:
> -This patch makes the kernel log all ethernet packets to syslog.
> -The logging happens at the default level. I.e. normally on.
> -You can turn logging on and off at the console by using the Magic SysRq key and a number to change the logging level.
> -Put the interface into promiscuous mode: ifconfig eth0 promisc
>
> Notes:
> -It makes a neat hotkey sniffer when using the text console too.
> -It seems to run pretty fast. Any benchmark data welcome(-->dr () dursec com).
> -try a tail -f /var/log/messages for real time display

I was wondering... Are you sure it doesn't overrun the kernel message buffer? I noticed that sometimes, when you produce tons of messages from within the kernel, some of them are lost.

I would rather use a package such as NeTraMet for doing this - it also does very nice traffic compression in the form of flows - very fast, extremely flexible, uses standard libpcap, doesn't require kernel patching etc...

Andrzej Bialecki

// <abial () webgiro com> WebGiro AB, Sweden (http://www.webgiro.com)
// -------------------------------------------------------------------
// ------ FreeBSD: The Power to Serve. http://www.freebsd.org --------
// --- Small & Embedded FreeBSD: http://www.freebsd.org/~picobsd/ ----
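
The overrun concern raised in the reply above, as an added example that is not part of the original post or of the patch: a user-space simulation of a fixed-size log ring buffer whose writer never blocks, showing how a reader slower than the packet rate silently loses data. The buffer size, the log line format and all names (`klog_sim`, `klog_write`, `klog_read`, `simulate`) are assumptions made for illustration.

```c
#include <stdio.h>
#include <string.h>

#define LOG_BUF_LEN 4096u /* constructed size (power of two), not the kernel's value */

struct klog_sim {
    char buf[LOG_BUF_LEN];
    unsigned long head, tail; /* total bytes written / total bytes read or overwritten */
    unsigned long lost;       /* bytes overwritten before the reader saw them */
};

/* Producer never blocks: when the buffer is full it overwrites the oldest unread byte. */
static void klog_write(struct klog_sim *k, const char *msg, size_t len)
{
    for (size_t i = 0; i < len; i++) {
        k->buf[k->head++ & (LOG_BUF_LEN - 1)] = msg[i];
        if (k->head - k->tail > LOG_BUF_LEN) { k->tail++; k->lost++; }
    }
}

/* Consumer drains at most max bytes per call, like a log daemon with bounded throughput. */
static size_t klog_read(struct klog_sim *k, char *out, size_t max)
{
    size_t n = 0;
    while (n < max && k->tail != k->head)
        out[n++] = k->buf[k->tail++ & (LOG_BUF_LEN - 1)];
    return n;
}

/* Each tick: log pkts_per_tick lines, then let the reader drain read_per_tick bytes. */
unsigned long simulate(unsigned ticks, unsigned pkts_per_tick, size_t read_per_tick)
{
    static const char line[] = "eth0: 00:11:22:33:44:55 > 66:77:88:99:aa:bb len 1514\n"; /* constructed */
    struct klog_sim k;
    char out[LOG_BUF_LEN];
    memset(&k, 0, sizeof k);
    for (unsigned t = 0; t < ticks; t++) {
        for (unsigned p = 0; p < pkts_per_tick; p++)
            klog_write(&k, line, sizeof line - 1);
        klog_read(&k, out, read_per_tick < sizeof out ? read_per_tick : sizeof out);
    }
    return k.lost; /* bytes the reader never saw */
}

int main(void)
{
    printf("10 lines/tick:  %lu bytes lost\n", simulate(100, 10, 1024));
    printf("100 lines/tick: %lu bytes lost\n", simulate(100, 100, 1024));
    return 0;
}
```

Loss starts as soon as the bytes logged per tick exceed what the reader drains, and a burst larger than the buffer loses data even when the reader empties the buffer on every tick.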