tcpdump mailing list archives

Re: tcpdump and wireshark


From: Dmitry <mitroko () gmail com>
Date: Mon, 22 Sep 2008 18:18:31 +0400

Yeah! You're right!

Dumping packets via tcpdump to a file, I can choose a packet and cut out the payload
starting from 0x0042.
Therefore it could be done via the dd utility and some scripting, avoiding
libpcap.

Via tcpflow I can dump sessions. That's more convenient.

Thanks in advance!

It would be better to make tcpdump able to dump payloads.

Dmitry


On Mon, Sep 22, 2008 at 2:12 PM, <marco () linuxgoeroe dhs org> wrote:


And now my question is:
can tcpdump extract payloads from packets, or is it just extracting headers?

No, tcpdump by itself can't. But that's what tcpflow does.

               Regards,

                      Marco.
-
This is the tcpdump-workers list.
Visit https://cod.sandelman.ca/ to unsubscribe.
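
Added example, not part of the original posts: a libpcap-free reader for a classic pcap file that computes where the TCP payload starts from the header length fields instead of a fixed offset. It assumes Ethernet/IPv4/TCP frames, for which 0x0042 is 14 + 20 + 32 bytes (a TCP header carrying 12 bytes of options); the function names and the sample capture are constructed for illustration.

```python
import struct

def split_frame(frame):
    """Return (payload_offset, payload) for an Ethernet/IPv4/TCP frame, else None."""
    if len(frame) < 34 or frame[12:14] != b"\x08\x00" or frame[14] >> 4 != 4:
        return None
    ihl = (frame[14] & 0x0F) * 4              # IPv4 header length in bytes
    tcp = 14 + ihl                            # TCP header starts after Ethernet + IP
    if ihl < 20 or frame[23] != 6 or len(frame) < tcp + 20:
        return None
    doff = (frame[tcp + 12] >> 4) * 4         # TCP header length including options
    if doff < 20:
        return None
    total_len = struct.unpack_from("!H", frame, 16)[0]
    end = min(14 + total_len, len(frame))     # drop Ethernet padding, respect snaplen
    return tcp + doff, frame[tcp + doff:end]

def tcp_payloads(pcap_bytes):
    """Walk a classic (microsecond) pcap file and split every TCP frame."""
    magic = struct.unpack_from("<I", pcap_bytes, 0)[0]
    if magic not in (0xA1B2C3D4, 0xD4C3B2A1):
        raise ValueError("not a classic pcap file")
    endian = "<" if magic == 0xA1B2C3D4 else ">"
    if struct.unpack_from(endian + "I", pcap_bytes, 20)[0] != 1:
        raise ValueError("link type is not Ethernet")
    results, pos = [], 24                     # records follow the 24-byte global header
    while pos + 16 <= len(pcap_bytes):        # each record has a 16-byte header
        incl_len = struct.unpack_from(endian + "I", pcap_bytes, pos + 8)[0]
        split = split_frame(pcap_bytes[pos + 16:pos + 16 + incl_len])
        if split:
            results.append(split)
        pos += 16 + incl_len
    return results

def build_sample():
    """Constructed capture: one frame with a 32-byte TCP header, one with 20 bytes."""
    def frame(tcp_len, payload):
        ip = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 20 + tcp_len + len(payload),
                         0, 0, 64, 6, 0, bytes([192, 0, 2, 1]), bytes([192, 0, 2, 2]))
        tcp = struct.pack("!HHIIBBHHH", 40000, 80, 0, 0, (tcp_len // 4) << 4,
                          0x18, 1024, 0, 0) + b"\x01" * (tcp_len - 20)
        return b"\x00" * 12 + b"\x08\x00" + ip + tcp + payload
    out = struct.pack("<IHHiIII", 0xA1B2C3D4, 2, 4, 0, 0, 65535, 1)
    for f in (frame(32, b"GET / HTTP/1.0\r\n"), frame(20, b"hello")):
        out += struct.pack("<IIII", 0, 0, len(f), len(f)) + f
    return out

if __name__ == "__main__":
    print([(hex(off), data) for off, data in tcp_payloads(build_sample())])
```

The second constructed frame has no TCP options, so its payload starts at 0x36; cutting it at 0x0042 with dd would discard the whole payload.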

