I've been tasked with capturing "web traffic" outbound from my site. I was planning on using TCPDUMP to log the traffic, then a little post log processing, but the tcpdump I'm getting is pretty chatty. While trying to trim the output to a manageable volume, I've gotten this far:

    tcpdump -n tcp port 80 -w web_traffic.log

but that logs all port 80 traffic right? How should I isolate JUST the SYN? Boss only wants to track traffic TO web sites...

-
This is the TCPDUMP workers list. It is archived at http://www.tcpdump.org/lists/workers/index.html
[tcpdump-workers] TCPDUMP for Capturing SYN Traffic?
Isherwood Jeff C Contr AFRL/IFOSS Wed, 21 Feb 2001 16:11:31 -0800
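
The "post log processing" step asked about above, as an added example that is not part of the original post or of tcpdump: it reads a capture written with `-w` and keeps only connection-opening packets (SYN set, ACK clear) sent to port 80. It assumes a classic microsecond pcap file with Ethernet framing and IPv4; `syn_destinations`, `_frame` and `build_sample_pcap` are hypothetical names, and the sample capture is constructed from documentation addresses.

```python
import socket
import struct

SYN, ACK = 0x02, 0x10

def syn_destinations(pcap_bytes, port=80):
    """Return (src, dst) of each IPv4/TCP packet to `port` with SYN set, ACK clear."""
    magic = struct.unpack_from("<I", pcap_bytes, 0)[0]
    endian = {0xA1B2C3D4: "<", 0xD4C3B2A1: ">"}.get(magic)
    if endian is None:
        raise ValueError("not a classic microsecond pcap file")
    if struct.unpack_from(endian + "I", pcap_bytes, 20)[0] != 1:
        raise ValueError("only Ethernet (DLT_EN10MB) captures handled here")
    hits, off = [], 24                       # records follow the 24-byte file header
    while off + 16 <= len(pcap_bytes):
        caplen = struct.unpack_from(endian + "I", pcap_bytes, off + 8)[0]
        frame = pcap_bytes[off + 16: off + 16 + caplen]
        off += 16 + caplen
        if len(frame) < 34 or frame[12:14] != b"\x08\x00" or frame[23] != 6:
            continue                         # not IPv4 carrying TCP
        if struct.unpack_from("!H", frame, 20)[0] & 0x1FFF:
            continue                         # later IP fragment: no TCP header in it
        tcp = 14 + (frame[14] & 0x0F) * 4    # honour IP options via the IHL field
        if len(frame) < tcp + 14:
            continue                         # TCP header cut off by a short snaplen
        dport, flags = struct.unpack_from("!H", frame, tcp + 2)[0], frame[tcp + 13]
        # Same test as the capture filter: tcp dst port 80 and tcp[13] & 0x12 == 0x02
        if dport == port and flags & (SYN | ACK) == SYN:
            hits.append((socket.inet_ntoa(frame[26:30]), socket.inet_ntoa(frame[30:34])))
    return hits

def _frame(src, dst, dport, flags):
    """Constructed Ethernet/IPv4/TCP frame (no options, checksums left zero)."""
    ip = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 40, 0, 0, 64, 6, 0,
                     socket.inet_aton(src), socket.inet_aton(dst))
    tcp = struct.pack("!HHIIBBHHH", 40000, dport, 0, 0, 0x50, flags, 8192, 0, 0)
    return b"\x00" * 12 + b"\x08\x00" + ip + tcp

def build_sample_pcap():
    """Constructed capture using documentation addresses; not real traffic."""
    frames = [_frame("192.0.2.10", "198.51.100.7", 80, SYN),          # kept
              _frame("198.51.100.7", "192.0.2.10", 40000, SYN | ACK), # server reply
              _frame("192.0.2.10", "198.51.100.7", 80, ACK),          # handshake ACK
              _frame("192.0.2.10", "203.0.113.5", 80, SYN),           # kept
              _frame("192.0.2.10", "203.0.113.5", 443, SYN)]          # other port
    out = struct.pack("<IHHiIII", 0xA1B2C3D4, 2, 4, 0, 0, 65535, 1)
    for f in frames:
        out += struct.pack("<IIII", 0, 0, len(f), len(f)) + f
    return out
```

Applying the filter shown in the code comment at capture time keeps the file small in the first place; the parser is then useful for checking an existing port-80 capture.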
