Re: tcpdump --important

To: <debian-user@lists.debian.org>
Subject: Re: tcpdump --important
From: "nate" <debian-user@aphroland.org>
Date: Mon, 28 Apr 2003 13:15:25 -0700 (PDT)
Message-id: <[🔎] 34223.10.10.10.7.1051560925.squirrel@webmail.linuxpowered.net>
In-reply-to: <[🔎] 1051558643.15263.2.camel@RedhatServer>
References: <[🔎] 1051558643.15263.2.camel@RedhatServer>

Vivek Kumar said:
> Hi all,
>
> How can I sniff the packet transfer between 2 machines. I am on Linux box
> and I want to sniff 2 machines which are on the same network and store the
> output in a file. These 2 machines are not Linux boxes.
> Is it possible to do that ??

best way to do that is setup a bridge. depending on how much traffic
your transferring you may want to use freebsd instead. You'll need
2 NICs for the bridge plus another NIC if you want the bridging system
reachable from the network.

second way to do this is use a hub, but theres no gaurantee you'll
see every single packet on the hub I think, the bridge gaurantees
every bit of traffic will traverse the network cards on the bridge.

after that then consult the manpage for tcpdump depending on what kind
of data you want to capture.

the biggest part will be setting up the bridge though.

nate

Reply to:

References:
- tcpdump --important
  - From: Vivek Kumar <vivek@gorave.net>

Prev by Date: Re: How to pull only kernel 2.4.20 in from testing?
Next by Date: Translation services - Services de traduction
Previous by thread: tcpdump --important
Next by thread: Evolution won't start...
Index(es):
- Date
- Thread