[lug] Mailman question

karl horlen horlenkarl at yahoo.com
Sun Mar 9 19:13:49 MDT 2008


Perfect.

The key is to specify the interface and the port.  

Even better that you anticipated my followup question
which was how easy the dump would be to read.  It
sounds like you need another utility 'wireshark' to
make analyzing the dump manageable.

Any reason why one would use or prefer tcpdump over
ethereal?

Thanks

> Run tcpdump on the web server or on the client:
> 
> tcpdump -i eth0 -w httpsniff.tcpdump -s 0 -vv port 80
> 
> will start a sniff on interface eth0, write the results to the file
> httpsniff.tcpdump, capture the full package, extra verbosely, all
> packets that have a source or destination of port 80.
> 
> After the dump is written out, I load it into wireshark and use
> Analyze-TCP Stream which will usually print out everything in a nice
> human readable format.
> 
> Hugh
> 
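The capture file that `tcpdump -w` writes can also be read without Wireshark. The added example below, which is not code from either poster, parses the classic pcap format and reassembles the TCP payload of each direction on port 80, roughly what Wireshark's stream view shows. The function name, addresses and sample packets are constructed for illustration, and it assumes an Ethernet/IPv4 capture with no IP fragments and no sequence-number wraparound.

```python
import struct
from collections import defaultdict

def tcp_streams(pcap: bytes, port: int = 80) -> dict:
    """Map (src, sport, dst, dport) -> reassembled payload for TCP on `port`."""
    if pcap[:4] in (b"\xd4\xc3\xb2\xa1", b"\x4d\x3c\xb2\xa1"):
        endian = "<"
    elif pcap[:4] in (b"\xa1\xb2\xc3\xd4", b"\xa1\xb2\x3c\x4d"):
        endian = ">"
    else:
        raise ValueError("not a classic pcap file (pcapng is not handled)")
    if struct.unpack(endian + "I", pcap[20:24])[0] != 1:
        raise ValueError("only Ethernet captures (linktype 1) are handled")
    segments = defaultdict(dict)      # flow -> {seq: payload}, first copy wins
    pos = 24                          # skip the 24-byte global header
    while pos + 16 <= len(pcap):
        incl_len = struct.unpack(endian + "I", pcap[pos + 8:pos + 12])[0]
        frame = pcap[pos + 16:pos + 16 + incl_len]
        pos += 16 + incl_len
        if len(frame) < 34 or frame[12:14] != b"\x08\x00":   # IPv4 only
            continue
        ip = frame[14:]
        ihl, total_len = (ip[0] & 0x0F) * 4, struct.unpack("!H", ip[2:4])[0]
        tcp = ip[ihl:total_len or None]           # drop Ethernet padding
        if ip[9] != 6 or len(tcp) < 20:           # TCP only
            continue
        sport, dport, seq = struct.unpack("!HHI", tcp[:8])
        payload = tcp[(tcp[12] >> 4) * 4:]        # skip TCP header and options
        if payload and port in (sport, dport):
            src, dst = (".".join(map(str, ip[i:i + 4])) for i in (12, 16))
            segments[(src, sport, dst, dport)].setdefault(seq, payload)
    return {flow: b"".join(segs[s] for s in sorted(segs))
            for flow, segs in segments.items()}

def _frame(src, dst, sport, dport, seq, data):    # builds constructed traffic
    tcp = struct.pack("!HHIIBBHHH", sport, dport, seq, 0, 0x50, 0x18, 8192, 0, 0)
    ip = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 40 + len(data), 0, 0, 64, 6, 0,
                     bytes(src), bytes(dst))
    eth = bytes(12) + b"\x08\x00" + ip + tcp + data
    return struct.pack("<IIII", 0, 0, len(eth), len(eth)) + eth

C, S = (10, 0, 0, 2), (10, 0, 0, 1)               # constructed addresses
SAMPLE = struct.pack("<IHHiIII", 0xA1B2C3D4, 2, 4, 0, 0, 65535, 1) + b"".join([
    _frame(C, S, 40000, 80, 1017, b"Host: example.test\r\n\r\n"),  # out of order
    _frame(C, S, 40000, 80, 1001, b"GET / HTTP/1.1\r\n"),
    _frame(C, S, 40000, 80, 1001, b"GET / HTTP/1.1\r\n"),          # retransmission
    _frame(S, C, 80, 40000, 5001, b"HTTP/1.1 200 OK\r\n\r\n"),
    _frame(C, S, 40001, 22, 1, b"SSH-2.0-sample\r\n"),             # not port 80
])
```

To run it on a real capture, pass the bytes of the file written by `tcpdump -w` (for example `open("httpsniff.tcpdump", "rb").read()`) to `tcp_streams`.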


