[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

RE: netstat ?




 
> Date: Wed, 24 Feb 2010 18:17:11 +1100
> Subject: RE: netstat ?
> From: tim@clewlow.org
> To: debian-user@lists.debian.org
>
> >>
> >> In <SNT125-W503AD2F570F2C86CE7A4AFDB410@phx.gbl>, Hadi Motamedi
> >> wrote:
> >> >My Debian server is at @172.16.128.1 and the remote network
> >> element is at
> >> > @172.16.4.1 ,
> >
> > Thank you for your reply . Sorry , you mean the tcpdump can be used
> > to monitor the exchanged packets toward an spesific ip address ? I
> > thought that it can just monitor all of the packets on my eth0 and
> > then I need to find the dedicated port to try to filter with . If it
> > can do that , please provide me with an example on how to use it to
> > monitor for an specific ip address ?
>
>
>
> >From your server (as root) the following command will dump traffic
> data to/from the remote network elemnt.
>
> tcpdump host 172.16.4.1
>
> If you want to see the payload of each packet in hex and ascii (from
> previous posts I'm guessing you do)
>
> tcpdump host 172.16.4.1 -XX
>
> if you want to save the data in a file for later analysis
>
> tcpdump host 172.16.4.1 -XX >> somefile
>
> ******
>
> if you want to know why you are doing this
>
> man tcpdump
>
> Regards, Tim.
>
>
>
>
> --
> To UNSUBSCRIBE, email to debian-user-REQUEST@lists.debian.org
> with a subject of "unsubscribe". Trouble? Contact listmaster@lists.debian.org
> Archive: http://lists.debian.org/d35076bdb992d8bcae6b22454c5326c8.squirrel@192.168.1.100
>
Thank you for your reply . Sorry , Is this equal to the following ?
#tcpdump dst 172.16.4.1
But the payload data is not human readable , even if adding '-XX' switch . Can you please let me know if I need to use another appropriate switch or it comes from the fact that the protocol is some proprietary one ?

 


Hotmail: Free, trusted and rich email service. Get it now.

Reply to: