Penetration Testing mailing list archives
Re: Auditing / Logging
From: Steve Shah <sshah () planetoid org>
Date: Tue, 13 Jan 2004 13:25:04 -0800
On Tue, Jan 13, 2004 at 03:32:42PM -0500, Don Parker wrote:
tcpdump -i eth0 -nXvs 0 ip and host xxx.xxx.xxx.xxx -w some_file This way you will get verbose logging as well as both hex and ascii o/p
Indeed, however, the purpose of captuing the whole packet and dropping it to disk is that it allows you go back and replay as much or as little of the traffic as you like with whatever kind of output you like. Dumping the traffic to console in addition to a file will slow the capture down and run you the risk of dropping packets. -Steve -- Steve Shah sshah () planetoid org - http://www.planetoid.org/ Beating code into submission, one OS at a time... --------------------------------------------------------------------------- ----------------------------------------------------------------------------
Current thread:
- Re: Auditing / Logging, (continued)
- Re: Auditing / Logging R. DuFresne (Jan 12)
- Re: Auditing / Logging Don Parker (Jan 12)
- Re: Auditing / Logging Frank Knobbe (Jan 13)
- RE: Auditing / Logging Rob Shein (Jan 18)
- RE: Auditing / Logging Steve Armstrong (Jan 20)
- RE: Auditing / Logging Rob Shein (Jan 20)
- Re: Auditing / Logging Travis Schack (Jan 12)
- Re: Auditing / Logging Steve Shah (Jan 13)
- Re: Auditing / Logging cdowns (Jan 13)
- Re: Auditing / Logging Steve Shah (Jan 13)
- Re: Auditing / Logging Don Parker (Jan 13)
- Re: Auditing / Logging Steve Shah (Jan 13)
- Re: Auditing / Logging Don Parker (Jan 13)
- Re: Auditing / Logging Steve Shah (Jan 14)