From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] > I need to sniff a network segment and I need to sniff both > headers and > data. Because tcpdump captures only headers its unsuitable > for the task. > I saw that ports has ettercap and sniffit but I didn' get around to > testing them to see if they will do the job I need. Can > anyone recommend > other tools that will do the work?
You can increase the size of the packet that you want tcpdump to capture. Check out the -s switch. Alternatively you could use e.g. snort, or tcpflow, or several others. DS