> Date: Wed, 24 Feb 2010 18:17:11 +1100
> Subject: RE: netstat ?
> From: tim@clewlow.org
> To: debian-user@lists.debian.org
>
> >>
> >> In <SNT125-W503AD2F570F2C86CE7A4AFDB410@phx.gbl>, Hadi Motamedi
> >> wrote:
> >> >My Debian server is at @172.16.128.1 and the remote network
> >> element is at
> >> > @172.16.4.1 ,
> >
> > Thank you for your reply. Sorry, you mean the tcpdump can be used
> > to monitor the exchanged packets toward a specific ip address? I
> > thought that it can just monitor all of the packets on my eth0 and
> > then I need to find the dedicated port to try to filter with. If it
> > can do that, please provide me with an example on how to use it to
> > monitor for a specific ip address?
> >
>
> From your server (as root) the following command will dump traffic
> data to/from the remote network element.
>
> tcpdump host 172.16.4.1
>
> If you want to see the payload of each packet in hex and ascii (from
> previous posts I'm guessing you do)
>
> tcpdump host 172.16.4.1 -XX
>
> if you want to save the data in a file for later analysis
>
> tcpdump host 172.16.4.1 -XX >> somefile
>
> ******
>
> if you want to know why you are doing this
>
> man tcpdump
>
> Regards, Tim.

Thank you for your reply. Sorry, is this equal to the following?

#tcpdump dst 172.16.4.1

But the payload data is not human readable, even if adding the '-XX' switch. Can you please let me know if I need to use another appropriate switch or it comes from the fact that the protocol is some proprietary one?
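An added illustration, not part of the original thread: the Python sketch below mimics how the `host` and `dst` filters select packets and how a hex plus ASCII dump in the style of `-XX` renders text and binary payloads. The packets, ports and payload bytes are constructed, and `frame`, `addrs`, `match_host`, `match_dst` and `hexdump` are hypothetical helpers, not tcpdump code.

```python
import socket
import struct

SERVER, ELEMENT = "172.16.128.1", "172.16.4.1"  # addresses from the thread

def frame(src, dst, payload):
    """Build a constructed Ethernet + IPv4 + UDP frame (checksums left at zero)."""
    eth = bytes(6) + bytes(6) + b"\x08\x00"
    udp = struct.pack("!HHHH", 40000, 40001, 8 + len(payload), 0) + payload
    ip = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 20 + len(udp), 0, 0, 64, 17, 0,
                     socket.inet_aton(src), socket.inet_aton(dst))
    return eth + ip + udp

def addrs(pkt):
    """Return the (src, dst) IPv4 addresses of an Ethernet frame."""
    return socket.inet_ntoa(pkt[26:30]), socket.inet_ntoa(pkt[30:34])

def match_host(pkt, ip):
    """Like 'tcpdump host IP': matches traffic in either direction."""
    return ip in addrs(pkt)

def match_dst(pkt, ip):
    """Like 'tcpdump dst IP': matches only packets sent to IP."""
    return addrs(pkt)[1] == ip

def hexdump(data):
    """Hex plus ASCII rows; every non-printable byte is shown as '.'."""
    lines = []
    for off in range(0, len(data), 16):
        chunk = data[off:off + 16]
        hexpart = " ".join(chunk[i:i + 2].hex() for i in range(0, len(chunk), 2))
        text = "".join(chr(b) if 32 <= b < 127 else "." for b in chunk)
        lines.append(f"0x{off:04x}:  {hexpart:<39}  {text}")
    return "\n".join(lines)

# Constructed sample traffic: a text request out, a binary reply back.
PACKETS = [
    frame(SERVER, ELEMENT, b"GET STATUS\r\n"),
    frame(ELEMENT, SERVER, bytes([0x02, 0x9f, 0x00, 0x81, 0xfe, 0x10, 0x03])),
]

if __name__ == "__main__":
    for name, rule in (("host", match_host), ("dst", match_dst)):
        hits = [p for p in PACKETS if rule(p, ELEMENT)]
        print(f"{name} {ELEMENT}: {len(hits)} packet(s)")
    print(hexdump(PACKETS[1]))
```

With this sample, `host` selects both packets while `dst` selects only the one sent to 172.16.4.1, and the binary reply shows up as dots in the ASCII column because none of its bytes are printable characters.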