On Mon, Jun 17, 2013 at 11:41 AM, David Blanton <[email protected]> wrote: > Sorry - I am relatively new to Linux/RHLE5. > > I read the page on tcpdump command and cannot figure out what they mean by > interface. What would I specifically be addressing as the interface here? >
`ifconfig -a` will give you a list of interfaces. The one with the IP address is the one you want to start with. > On Monday, June 17, 2013 11:32:04 AM UTC-4, dan (ddpbsd) wrote: >> >> On Mon, Jun 17, 2013 at 11:22 AM, David Blanton >> <[email protected]> wrote: >> > >> > Here is what happened when I did your command: >> > >> > # tcpdump port 25 >> > >> > tcpdump: verbose output suppressed, use -v or -vv for full protocl >> > decode >> > listening on eth0, link-type EN10MB (Etherned), capture size 96 bytes >> > (ctrl + c) >> > 0 packets captured >> > 0 packets received by filter >> > 0 packets dropped by kernel >> > >> >> Are you sure this is the correct interface? Are you sure an alert >> fired that should trigger an email to the att address? >> >> > -- >> > >> > --- >> > You received this message because you are subscribed to the Google >> > Groups >> > "ossec-list" group. >> > To unsubscribe from this group and stop receiving emails from it, send >> > an >> > email to [email protected]. >> > For more options, visit https://groups.google.com/groups/opt_out. >> > >> > > > -- > > --- > You received this message because you are subscribed to the Google Groups > "ossec-list" group. > To unsubscribe from this group and stop receiving emails from it, send an > email to [email protected]. > For more options, visit https://groups.google.com/groups/opt_out. > > -- --- You received this message because you are subscribed to the Google Groups "ossec-list" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. For more options, visit https://groups.google.com/groups/opt_out.
