
RE: tcpdump?




 
> Date: Sun, 21 Feb 2010 18:11:31 +0000
> From: tzafrir@cohens.org.il
> To: debian-user@lists.debian.org
> Subject: Re: tcpdump?
>
> On Sat, Feb 20, 2010 at 06:05:50AM +0000, Hadi Motamedi wrote:
> >
> > Dear All
> > I have put a tcpdump trace on port 4957 on my Debian server, as follows:
> > #tcpdump port 4957
> > I want to obtain the payload data to see what is really being exchanged between my Debian server and the outside network element. Can you please let me know how I can modify my command?
>
>
> tcpdump -s0 -w output.pcap port 4957
>
>
> Consider also adding -n if name resolution takes extra time.
>
> This will send output to output.pcap.
>
> Later on run:
>
> wireshark output.pcap
>
> and analyze the flows there.
>
> Naturally you can use other programs.
>
> --
> Tzafrir Cohen | tzafrir@jabber.org | VIM is
> http://tzafrir.org.il | | a Mutt's
> tzafrir@cohens.org.il | | best
> ICQ# 16849754 | | friend
>
>
>
 
Thank you for your reply. I tried according to your comment, but the intended exchanged command still cannot be captured in the Wireshark analysis.
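
Added example, not part of the original messages: the quoted reply notes that programs other than Wireshark can read output.pcap, and this Python code parses the classic pcap format directly, lists the TCP payload bytes seen on port 4957, and flags records whose captured length is shorter than the packet on the wire (the truncation that `-s0` avoids). The sample capture, addresses and payload strings are constructed for illustration; only Ethernet/IPv4 is handled.

```python
import struct

def tcp_payloads(pcap: bytes, port: int):
    """Return [(src, dst, payload, truncated)] for TCP segments to/from `port`."""
    endian = {b"\xd4\xc3\xb2\xa1": "<", b"\xa1\xb2\xc3\xd4": ">"}.get(pcap[:4])
    if endian is None:
        raise ValueError("not a classic (microsecond) pcap file")
    if struct.unpack(endian + "I", pcap[20:24])[0] != 1:
        raise ValueError("only Ethernet link type (1) is handled here")
    out, off = [], 24                      # 24-byte global header
    while off + 16 <= len(pcap):
        # Per-record header: ts_sec, ts_usec, captured length, original length
        _, _, incl, orig = struct.unpack(endian + "IIII", pcap[off:off + 16])
        frame = pcap[off + 16:off + 16 + incl]
        off += 16 + incl
        if len(frame) < 34 or frame[12:14] != b"\x08\x00" or frame[23] != 6:
            continue                       # not IPv4/TCP
        tcp = 14 + (frame[14] & 0x0F) * 4  # Ethernet + IPv4 header length
        if len(frame) < tcp + 20:
            continue                       # TCP header itself was cut off
        sport, dport = struct.unpack("!HH", frame[tcp:tcp + 4])
        if port not in (sport, dport):
            continue
        ip_end = 14 + struct.unpack("!H", frame[16:18])[0]  # drops Ethernet padding
        payload = frame[tcp + (frame[tcp + 12] >> 4) * 4:ip_end]
        src, dst = (".".join(map(str, frame[i:i + 4])) for i in (26, 30))
        out.append((f"{src}:{sport}", f"{dst}:{dport}", payload, incl < orig))
    return out

def _frame(sport, dport, data):
    # Constructed Ethernet/IPv4/TCP frame (documentation addresses, zero checksums)
    tcp = struct.pack("!HHIIBBHHH", sport, dport, 0, 0, 5 << 4, 0x18, 8192, 0, 0) + data
    ip = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 20 + len(tcp), 0, 0, 64, 6, 0,
                     bytes([192, 0, 2, 10]), bytes([198, 51, 100, 7]))
    return b"\x02" * 6 + b"\x04" * 6 + b"\x08\x00" + ip + tcp

def sample_pcap(snaplen=65535):
    # Constructed capture: one request and one reply on port 4957
    out = struct.pack("<IHHiIII", 0xA1B2C3D4, 2, 4, 0, 0, snaplen, 1)
    for f in (_frame(40000, 4957, b"SET-PARAM id=17 value=on\r\n"),
              _frame(4957, 40000, b"OK\r\n")):
        out += struct.pack("<IIII", 0, 0, min(len(f), snaplen), len(f)) + f[:snaplen]
    return out

if __name__ == "__main__":
    for src, dst, data, cut in tcp_payloads(sample_pcap(), 4957):
        print(src, "->", dst, data, "(truncated)" if cut else "")
```

To run it on a real capture, pass `open("output.pcap", "rb").read()` instead of `sample_pcap()`; a record marked truncated means the capture was taken with a snap length smaller than the packet.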

 

