[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

RE: netstat ?




 
> Date: Wed, 24 Feb 2010 18:44:12 +1100
> Subject: RE: netstat ?
> From: tim@clewlow.org
> To: debian-user@lists.debian.org
>
> >>
> >> tcpdump host 172.16.4.1 -XX
> >>
> >> if you want to save the data in a file for later analysis
> >>
> >> tcpdump host 172.16.4.1 -XX >> somefile
> >>
> >> ******
> >>
> >> if you want to know why you are doing this
> >>
> >> man tcpdump
> >>
> >> Regards, Tim.
> >>
> >>
> >>
> >
> > Thank you for your reply . Sorry , Is this equal to the following ?
> >
> > #tcpdump dst 172.16.4.1
> >
> > But the payload data is not human readable , even if adding '-XX'
> > switch . Can you please let me know if I need to use another
> > appropriate swit ch or it comes from the fact that the protocol is
> > some proprietary one ?
> x
>
> tcpdump dst 172.16.4.1
>
> Will give you a summary of packets that are going to (dst) 172.16.4.1
>
> If you want the payload you need the -XX switch, also, tcpdump
> defaults to only capture 96 bytes, if you want the full payload do
>
> tcpdump dst 172.16.4.1 -XX -s 0
>
> This will give you hex and ascii representations of all data being
> sent to 172.16.4.1. However, the data may not be human readable. For
> example, if the data is actually a mp3 file, then converting the
> packet to ascii wont mean it makes any sense as ascii, but if the
> data is a text file, then converting the packet to ascii probably
> will make it readable.
>
> HTH, Tim.
>
>
>
> --
> To UNSUBSCRIBE, email to debian-user-REQUEST@lists.debian.org
> with a subject of "unsubscribe". Trouble? Contact listmaster@lists.debian.org
> Archive: http://lists.debian.org/d145ed05234b24ee6a9a52dc7c9382e1.squirrel@192.168.1.100
>
Thank you for your reply . I tried like the following to capture the payload data from some text file exchanged in between :
#tcpdump -s 0 -XX src 172.16.4.1
But I cannot see any human readable text being captured . Can you please correct me what I am doing wrong here ?

 


Hotmail: Trusted email with Microsoft’s powerful SPAM protection. Sign up now.

Reply to: