Hi Guy Harris
Thanks Guy Harris :-)
Can I have online docs to understand TCP/IP Protocol and just to understand
how the Network Packets are constructed.
Thanks a Lot
Awaiting your earnest reply
Regards
Kaushal
On 7/19/07, Guy Harris wrote:
Kaushal Shriyan wrote:
is
Do you just want traffic between 192.168.0.1 AND 192.168.0.2? If so,
that should work.
Les Bowditch
Senior Network Operations Analyst
Shift Networks
Suite 320, 1121 Centre Street NW
Calgary, AB T2E 7K6
Tel: +1 (403) 536-5491
Tel: +1 (866) 963-8749
Fax: +1 (403) 770-7449
Kaushal Shriyan wrote:
Thanks, and what does s 0 signify? I know s means snapshot length, so
what does s 0 signify?
It means the maximum snapshot length, which is 65535 bytes. (Versions
of tcpdump prior to 3.6 require that you do -s 65535, but all later
versions support -s 0.)
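An added example, not part of the original thread: the snapshot length is recorded in the pcap file header, and every packet record stores both the captured length and the on-the-wire length, so a capture file can be checked for packets that were cut short. The frame sizes below are constructed sample data, and the function names are made up for this illustration; 1514 bytes is a full-size Ethernet frame (1500-byte MTU plus the 14-byte Ethernet header).

```python
import struct

# Classic pcap layout: 24-byte global header, then a 16-byte header per packet.
PCAP_GLOBAL = struct.Struct("<IHHiIII")  # magic, major, minor, zone, sigfigs, snaplen, linktype
PCAP_RECORD = struct.Struct("<IIII")     # ts_sec, ts_usec, incl_len (captured), orig_len (on wire)
MAGIC = 0xA1B2C3D4

# Constructed sample: on-the-wire sizes of four Ethernet frames.
SAMPLE_FRAME_SIZES = [66, 583, 1514, 1514]


def build_pcap(frame_sizes, snaplen):
    """Build, in memory, the file a capture with this snaplen would write."""
    out = PCAP_GLOBAL.pack(MAGIC, 2, 4, 0, 0, snaplen, 1)  # linktype 1 = Ethernet
    for i, size in enumerate(frame_sizes):
        kept = min(size, snaplen)            # bytes beyond snaplen are dropped
        out += PCAP_RECORD.pack(i, 0, kept, size) + bytes(kept)
    return out


def truncated_packets(pcap_bytes):
    """Return (snaplen, [(index, captured, on_wire), ...]) for cut-short packets."""
    if len(pcap_bytes) < PCAP_GLOBAL.size:
        raise ValueError("too short to be a pcap file")
    magic, _, _, _, _, snaplen, _ = PCAP_GLOBAL.unpack_from(pcap_bytes, 0)
    if magic != MAGIC:
        raise ValueError("not a little-endian, microsecond-resolution pcap file")
    offset, index, cut = PCAP_GLOBAL.size, 0, []
    while offset + PCAP_RECORD.size <= len(pcap_bytes):
        _, _, incl_len, orig_len = PCAP_RECORD.unpack_from(pcap_bytes, offset)
        if incl_len < orig_len:
            cut.append((index, incl_len, orig_len))
        offset += PCAP_RECORD.size + incl_len
        index += 1
    return snaplen, cut


if __name__ == "__main__":
    for snaplen in (1500, 65535):            # -s 1500 versus the 65535 that -s 0 means here
        print(truncated_packets(build_pcap(SAMPLE_FRAME_SIZES, snaplen)))
```

To check a real capture, pass the file's bytes, for example `truncated_packets(open("dump", "rb").read())`.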
Thanks Guy Harris
One more question
is it better to run tcpdump -i eth0 -s 0 -w dump host 192.168.0.1 and host
192.168.0.2 and port 443
or instead tcpdump -i eth0 -s 1500 -w dump host 192.168.0.1 and host
192.168.0.2 and port 443
which is the best method
Thanks and Regards
Kaushal
On
Kaushal Shriyan wrote:
is it better to run tcpdump -i eth0 -s 0 -w dump host 192.168.0.1
and host 192.168.0.2 and port 443
or instead tcpdump -i eth0 -s 1500 -w dump host 192.168.0.1
and host 192.168.0.2
Hi,
You are using dst host and src host, that's why.
To see both directions between these hosts try tcpdump -i eth0 -s 1500 -w dump
host 192.168.0.1 and host www.example.com
This way you will have only host to host conversation both
you are using src and dst filters.
this is why you are only seeing traffic going in one way
try just using the host that you are interested in
so
tcpdump -i eth0 -s 1500 -w dump2 host www.example.com
On 18/05/07, Kaushal Shriyan wrote:
Hi
I have to capture network traffic
Kaushal Shriyan wrote:
I have to capture network traffic between an appliance and content
server using tcpdump command and then dump to a file and read and decode
it using wireshark
How do I proceed
I have used tcpdump -i eth0 -s 1500 -w dump src host 192.168.0.1
and dst host