Home page logo

pen-test logo Penetration Testing mailing list archives

Re: Auditing / Logging
From: Steve Shah <sshah () planetoid org>
Date: Tue, 13 Jan 2004 13:25:04 -0800

On Tue, Jan 13, 2004 at 03:32:42PM -0500, Don Parker wrote:
tcpdump -i eth0 -nXvs 0 ip and host xxx.xxx.xxx.xxx -w some_file

This way you will get verbose logging as well as both hex and ascii o/p

Indeed, however, the purpose of captuing the whole packet and 
dropping it to disk is that it allows you go back and replay
as much or as little of the traffic as you like with whatever
kind of output you like. Dumping the traffic to console in 
addition to a file will slow the capture down and run you the
risk of dropping packets. 


Steve Shah
sshah () planetoid org - http://www.planetoid.org/
Beating code into submission, one OS at a time...


  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]