Rustybear Blog

Tue, 04 Oct 2005

tethereal and tcpdump

tethereal -R aim -i eth1
    // captures aim packets on interface eth1

tethereal -R ip.src==10.10.10.157 -i eth1
    // captures packets on interface eth1
    // that come from 10.10.10.157

tcpdump -a -s 0 -i eth1 -w fn host sakura.hawkwood
    // captures all packets to/from sakura.hawkwood
    // write everything to file fn
    // listens on interface eth1 only
    // snaplen of packets set to zero to use the length
        needed to capture the whole packet and not truncate
    // -a attempts to convert addresses to names

tethereal -r fn | grep 'ABC' | more
    // use tethereal to read a tcpdump file fn and 
    // look for occurances of 'ABC'

Posted at: 00:00 | category: /commands | Comments ()

Categories

• • / (66)
  • commands/ (19)
  • configure/ (11)
  • database/ (6)
  • • mysql/ (3)
    • postgresql/ (1)
  • dev/ (8)
  • gimp/ (3)
  • graphics/ (5)
  • mail/ (9)
  • other/ (2)
  • vi/ (3)

Links

• Python
• Debian

	October 2005					>
Su	Mo	Tu	We	Th	Fr	Sa
						1
2	3	4	5	6	7	8
9	10	11	12	13	14	15
16	17	18	19	20	21	22
23	24	25	26	27	28	29
30	31