-----BEGIN PGP SIGNED MESSAGE-----
>>>>> "Invernizzi" == Invernizzi Fabrizio <[EMAIL PROTECTED]> writes:
Invernizzi> is there any plans to have remote capture capabilities
Invernizzi> included in libpcap?
None.
I would want at the least:
1) an IETF standard capture format
2) an IETF standard filter language
3) a clear explanation of the trust model implied
I know of no standard "remote capture" interfaces or protocols, but please
educate me.
As far as I can tell, "ssh remotehost tcpdump args" works as well as
anything, and has a well defined security system already.
Invernizzi> I need such a feature in order to simultaneous capture
Invernizzi> traffic in different point of the network, and, the only way
Invernizzi> i found out, is to have to different tcpdump running on
Invernizzi> different unix machines and do post analisys of saved
Invernizzi> captured traffic.
Yes. The other reason that you might want to do this is because you want to
avoid capturing the traffic about the capture.
] ON HUMILITY: to err is human. To moo, bovine. | firewalls [
] Michael Richardson, Sandelman Software Works, Ottawa, ON |net architect[
] [EMAIL PROTECTED] http://www.sandelman.ottawa.on.ca/ |device driver[
] panic("Just another Debian GNU/Linux using, kernel hacking, security guy"); [
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.0.7 (GNU/Linux)
Comment: Finger me for keys
iQCVAwUBPt9B6IqHRg3pndX9AQF9HwQAmyOjG0MhgbL9yPG4Y+XpDcPGULXByF2S
QTzyioo8765yjgRKF7rX08EAGoy0os6ECC4fysAfsZh14DnBAPzXo5F7umfO4Cwm
ABGT3UUpb7xLczaaPwUuJmRUw0sjdnQgMd+F3moyinrT3OZttiRnNCz9XA/Ws8k0
/EHv6Bhn8EA=
=YwG8
-----END PGP SIGNATURE-----
-
This is the TCPDUMP workers list. It is archived at
http://www.tcpdump.org/lists/workers/index.html
To unsubscribe use mailto:[EMAIL PROTECTED]
