Penetration Testing mailing list archives
Re: [PEN-TEST] tcpdump question ?
From: Vincent Maes <vince.maes () ONSEMI COM>
Date: Tue, 27 Feb 2001 21:14:14 -0700
See http://ftp.cerias.purdue.edu/pub/tools/unix/sysutils/tcpshow/tcpshow.c Found TCPshow to be useful. And, it's possible to run tcpshow in real time. Enter the command: tcpdump -s 1518 -lenx | tcpshow -cooked -data (see comments in source) Also, you should use the tcpdump switch "-x" to capture the entire datagram and default snaplen in hex. Hope this helps, -VM cdowns wrote:
what is he best tool to decode a tcpdump -s 0 -w sniff_test -i eth0 -vvv session ? thanks in advance -D
Attachment:
vince.maes.vcf
Description: Card for Vincent Maes
Current thread:
- [PEN-TEST] tcpdump question ? cdowns (Feb 27)
- Re: [PEN-TEST] tcpdump question ? Vincent Maes (Feb 28)
- Re: [PEN-TEST] tcpdump question ? Scott Nursten (Feb 28)
- Re: [PEN-TEST] tcpdump question ? Jose Nazario (Feb 28)