Penetration Testing mailing list archives

Re: [PEN-TEST] tcpdump question ?

From: Vincent Maes <vince.maes () ONSEMI COM>
Date: Tue, 27 Feb 2001 21:14:14 -0700

See
http://ftp.cerias.purdue.edu/pub/tools/unix/sysutils/tcpshow/tcpshow.c

Found TCPshow to be useful. And, it's possible to run tcpshow in real
time.  Enter the command:
tcpdump -s 1518 -lenx | tcpshow -cooked -data (see comments in source)

Also, you should use the tcpdump switch "-x" to capture the entire
datagram and default snaplen in hex.

Hope this helps,
-VM



cdowns wrote:


what is he best tool to decode a tcpdump -s 0 -w sniff_test -i eth0 -vvv
session ? thanks in advance

-D

Attachment: vince.maes.vcf
Description: Card for Vincent Maes

Current thread:

[PEN-TEST] tcpdump question ? cdowns (Feb 27)
- Re: [PEN-TEST] tcpdump question ? Vincent Maes (Feb 28)
- Re: [PEN-TEST] tcpdump question ? Scott Nursten (Feb 28)
- Re: [PEN-TEST] tcpdump question ? Jose Nazario (Feb 28)