RE: How can I catch IP packet content ?

From: Robert D. Hughes (rob@robhughes.com)
Date: 10/22/01


Subject: RE: How can I catch IP packet content ?
Date: Sun, 21 Oct 2001 22:00:21 -0500
Message-ID: <B95B566BD245174196CA4EE29E5818830D6009@HEXCH01.robhughes.com>
From: "Robert D. Hughes" <rob@robhughes.com>
To: "Daniel Pope" <danila2us@yahoo.com>, <security-basics@securityfocus.com>


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

I use the following command in tcpdump (installed by default on almost
all Linux distributions):

tcpdump -evvvX

If you want to write the data to a file, add -w . There are a lot of
other options, such as looking at only certain protocols, host
communications, ports, etc. Man tcpdump for more info.

Rob

- -----Original Message-----
From: Daniel Pope [mailto:danila2us@yahoo.com]
Sent: Saturday, October 20, 2001 7:32 PM
To: security-basics@securityfocus.com
Subject: How can I catch IP packet content ?

> Dear All,
> I'm using Linux Red Hat.I'm trying to learn more
and more about TCP-IP.
> I know how to set ipchains in order to list a
packet from TCP-IP
> traffic, but I want to find what Linux command or
software tools enable
> me to catch (and display)all the content of an IP
packet. Sniffers !?
> Thank you in advance !
>
  

__________________________________________________
Do You Yahoo!?
Make a great connection at Yahoo! Personals.
http://personals.yahoo.com

-----BEGIN PGP SIGNATURE-----
Version: PGPfreeware 7.0.3 for non-commercial use

iQA/AwUBO9OLxea2P6TrxG1EEQI9KACcCd0BnFLm0F/V+Brqo2c4fumDAqIAoONI
azJXyEt9JUNnfFR0PFVBViUX
=UFv+
-----END PGP SIGNATURE-----






Relevant Pages

  • [PATCH 19-rc2] Fix misc .c/.h comment typos
    ... Implements an interface for i2c compatible eeproms to run under linux. ... Changed struct initializer syntax to the currently preferred notation ... ** Packet is an actual packet structure to be filled in with the packet ... -** as the command processore doesn't process the command packet in any way. ...
    (Linux-Kernel)
  • Re: Mysterious delay establishing any TCP/IP connection
    ... >> trace with tcpdump of an attempted connection? ... >> seconds before your initial packet for a connection request is sent, ... > the following command: ... Neil Horman ...
    (comp.os.linux.networking)
  • Re: Mysterious delay establishing any TCP/IP connection
    ... >> trace with tcpdump of an attempted connection? ... >> before your initial packet for a connection request is sent, ... > the following command: ...
    (comp.os.linux.networking)
  • Re: Linux 2.6.9 pktgen module causes INIT process respawning and sickness
    ... > I can sustain full line rate gigabit on two adapters at the tsame time ... > current DMA architectures on 400 Mhz buses with Linux. ... > overhead of serializing writes to the adapter ring buffer IO ... overhead than a simple packet generator or pktgen. ...
    (Linux-Kernel)
  • Re: TCP/IP stack performance
    ... > I am interested in knowing IP forwarding performance when a Linux ... especially when MIPs isn't a very scientific measure. ... drivers seem to swamp the system at a certain packet rate, ... this corresponds to 6329 instructions per 64 byte packet. ...
    (comp.os.linux)