Yes;
It is a sniffer . It comes included with your cd of RedHat linux
( I think from 5.0 and up ) . It is better than not having anything at
all , I mean , It tells tou what is going on (up to a certain level)
within your network.
Once you have it installed all you have to do is type:
tcpdump -evv -i eth0 and you are ready to go.
Where -evv commands it to be more verbose and tells you a little more
information about where the packets are coming from , ports and
protcols.
-i eth0 commands it to listen on eth0 ( your first NIC ) , soma syou
can tell , if you have more than one NIC , you can select which one of
them can be put to listen ( eth1 eth2 eth3 , and so on...)
Hope that helps ...
> Anybody heard about tcpdump
>
-
[To unsubscribe, send mail to [EMAIL PROTECTED] with
"unsubscribe firewalls" in the body of the message.]
