[ale] TCPDUMP and its alternatives?
Jason Day
jasonday at worldnet.att.net
Tue Jun 20 10:45:09 EDT 2006
On Mon, Jun 19, 2006 at 08:38:20PM -0400, Michael B. Trausch wrote:
> Certainly wasn't the tool that I had previously used. I am trying to see if
> this will do what I am looking for -- I just want the IP:Port-->IP:Port
> Data parts of the packet, and Ethereal seems to just give all the packets.
Ethereal has a really handy feature to show just the text portion of the
traffic. Just right-click on a packet in the conversation and select
"Follow TCP stream". Great for debugging HTTP sessions.
> Also, I can't seem to save the output on the system - it tells me that I
> don't have the rights (as root!)
That sounds like a bug. I've never had a problem saving the output from
ethereal.
Another advantage of ehtereal is that it can read files created with
tcpdump, which is useful if you need to collect the data on a headless
server.
--
Jason Day jasonday at
http://jasonday.home.att.net worldnet dot att dot net
"Of course I'm paranoid, everyone is trying to kill me."
-- Weyoun-6, Star Trek: Deep Space 9
More information about the Ale
mailing list