Home page logo
/

fulldisclosure logo Full Disclosure mailing list archives

Re: FW: Question for DNS pros
From: Frank Knobbe <frank () knobbe us>
Date: Sun, 25 Jul 2004 17:51:12 -0500

On Sun, 2004-07-25 at 13:57, Paul Schmehl wrote:
For the last time, I have *already* done this.  With both a snaplen of 1024 
and a snaplen of 4096.  It *hasn't* produced anything useful unless someone 
thinks *this* is useful  (I'm using tcpdump on FreeBSD 4.9 RELEASE.):

tcpdump -c 100 -xX -s 4069 -i xl0 -p -w x.x.dump 'udp && host x.x.x.x && 
port 53' (Our IP has been changed to x.x.x.x)

Paul,

could you please post some *payload* of these packets instead of just
the tcpdump one-liner? Perhaps that's why we confused about your tcpdump
output/usage.

Thanks,
Frank

Attachment: signature.asc
Description: This is a digitally signed message part


  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]
AlienVault