On Sat, Feb 20, 2010 at 06:05:50AM +0000, Hadi Motamedi wrote:
> Dear All
> I have put tcpdump trace on port 4957 on my Debian server , as the following :
> #tcpdump port 4957
> I want to obtain the payload data to see what is realy being exchanged between my Debian server and the outside network element . Can you please let me know how I can modify my command ?
tcpdump -s0 -w output.pcap port 4957
Consider also adding -n if name resolution takes extra time.
This will send output to output.pcap .
Later on run:
and analyze the flows there.
Naturally you can use other programs.
Tzafrir Cohen | email@example.com | VIM is
http://tzafrir.org.il | | a Mutt's
firstname.lastname@example.org | | best
ICQ# 16849754 | | friend
- From: Hadi Motamedi <email@example.com>