On 14/03/2014 15:59, Martin Møller Skarbiniks Pedersen wrote: > Hi, > > I am currently updating my 201 teaching material and I just noticed that > wireshark was dropped from the 205.2 but tcpdump is still there ?! > Isn't that a mistake ? > > I consider wireshark a nice GUI frontend for tcpdump.
I would not consider that a mistake at all. I would consider that desirable. tcpdump is the workhorse engine, the part sysadmins are supposed to know about. Wireshark is, well, it's a pretty front end gui. It's also hard to examine (like all GUI tools) - the questions usually end up being some form of "where do you click to get feature X?" By all means included wireshark in your classes - tcpdump on it's own is hard to grasp at first whilst wireshark demonstrates what is going on. So it makes a very good teaching tool, but not a good examinable one. -- Alan McKinnon alan.mckin...@gmail.com _______________________________________________ lpi-examdev mailing list lpi-examdev@lpi.org http://list.lpi.org/cgi-bin/mailman/listinfo/lpi-examdev
