RE: igmp and SHADOW (tcpdump filters and igmp) - solution
From: Jerry A. Shenk (jshenk@decommunications.com)Date: 02/07/02
- Previous message: Wirth, Jeff: "RE: igmp and SHADOW (tcpdump filters and igmp)"
- In reply to: Jerry A. Shenk: "igmp and SHADOW (tcpdump filters and igmp)"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
From: "Jerry A. Shenk" <jshenk@decommunications.com> To: "Focus on Intrusion Detection Systems" <FOCUS-IDS@SECURITYFOCUS.COM> Date: Thu, 7 Feb 2002 16:01:04 -0500
filter 'net 224' - all igmp is net 224 so that filter does the trick.
> -----Original Message-----
> From: Jerry A. Shenk [mailto:jshenk@decommunications.com]
> Sent: Thursday, February 07, 2002 2:54 PM
> To: Focus on Intrusion Detection Systems
> Subject: igmp and SHADOW (tcpdump filters and igmp)
>
>
> I have a SHADOW system installed and there's an increasing amount of igmp
> traffic showing up. I can't figure out a tcpdump filter to get rid of
> that...or for that matter to show it when tcpdump is run from the
> command-line. Does anybody have any suggestions for collecting (or not)
> igmp traffic with tcpdump?
>
> --------------------------------------------------------------
> Jerry A. Shenk - MCNE, CCNA,
> GCIA (GIAC Certified Intrusion Analyst)
> GCIH (GIAC Certified Intrusion Handler)
> Sr. Systems Engineer - Computer Networking Services
> D&E Networks, Inc.
> jshenk@decommunications.com (also jas@decns.com)
> 1-877-433-8632 Fax via efax: (253) 323-5149 (new number 6/9/01)
>
> my website: http://jerryslinux.dyndns.org/jas - PGP sig. file on this site
>
>
- Previous message: Wirth, Jeff: "RE: igmp and SHADOW (tcpdump filters and igmp)"
- In reply to: Jerry A. Shenk: "igmp and SHADOW (tcpdump filters and igmp)"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
