Penetration Testing mailing list archives

Re: [PEN-TEST] tcpdump question ?


From: Jose Nazario <jose () BIOCSERVER BIOC CWRU EDU>
Date: Tue, 27 Feb 2001 22:10:22 -0500

On Tue, 27 Feb 2001, cdowns wrote:

> what is the best tool to decode a tcpdump -s 0 -w sniff_test -i eth0
> -vvv session ? thanks in advance

depends on specifics, but often ethereal is AWESOME due to its protocol
decodes. it reads tcpdump files just fine. :)

otherwise i usually start slogging through the tcpdump output in
perl/awk/grep. i'm a fan of too much data that way.

____________________________
jose nazario                                                 jose () cwru edu
                     PGP: 89 B0 81 DA 5B FD 7E 00  99 C3 B2 CD 48 A0 07 80
                                       PGP key ID 0xFD37F4E5 (pgp.mit.edu)

