All Questions
17 questions
1
vote
1
answer
1k
views
How to use ciscodump?
In Wireshark, there is this option called Cisco remote capture: ciscodump, which, from my understanding, should enable to do a tcpdump on a Cisco router (for example) via SSH and get back the results ...
0
votes
0
answers
994
views
improve TCPDUMP performance while capturing big amount of traffic
So I'm sending to some machine of mine ~2gbps of small packets (around 3.8 million packets per sec).
The machine has a tcpdump process that writes to a file running continuously without any filters.
...
0
votes
1
answer
373
views
tcpdump: (all BPF devices are busy) - How to solve this
I was running tcpdump and then after some time I got this error:
tcpdump: (all BPF devices are busy)
I am not sure why? I killed all tcpdump processes, in case that this had something to do with it, ...
1
vote
1
answer
1k
views
TcpDump capture stops after few minutes. (Windows)
I'm trying to capture all my networking with tcpdump.
I'm using tcpdump.exe -i {} -W 5 -C 10 -w capfile. After 10 minutes (+-) the capture stopped for some reason, and tcpdump is still running.
Maybe ...
0
votes
1
answer
1k
views
how to program tcpdump to only capture packets and nothing else
I am developing a program where a .pcap file is going to be an input. However, when I run tcpdump -w someFile.pcap, in Terminal, the .pcap file captures extra data such as timestamp, microseconds, ...
1
vote
0
answers
1k
views
Tcpdump or similar - How can I only capture one instance of each packet destination and port?
I want to leave something like tcpdump running for up to a week and therefore make its output as concise as possible to reduce file size and speed up post-capture analysis.
All I need to do is log ...
0
votes
1
answer
265
views
How to capture network traffic periodically, with every capture file containing full network flows
I need to dump network flow periodically on a Linux platform, ideally using the command line interface (i.e., non-GUI tools), and I want every capture file (pcap files) to contain complete flows. How ...
1
vote
1
answer
1k
views
tcpreplay does not work
I have a problem with tcpreplay and hostapd, this is my scenario: a client connects to 172.24.1.91/OPEN and /CLOSE and processes a GET request to a server that lights up or down a Led. I made a Java ...
0
votes
0
answers
98
views
How do I find out to what hostname a potential malware wants to connect?
Without connecting my computer to Internet.
I can only think about netstat and packet capturing tools, but I don't really know which method is suitable.
1
vote
0
answers
1k
views
monitor and log LAN network traffic on CentOS 6.x
I've been fiddling with this one for almost a week now.
My setup is:
LAN (windows/linux PCs/servers) <-> CentOS gateway/firewall box <-> ISP
I'm trying to setup a monitoring solution which ...
4
votes
1
answer
2k
views
why am I not seeing traffic using TCPDUMP while sniffing on wireless interface with the station in WDS mode
I've 2 wireless interfaces: one has the type of AP and the other has the type monitor.
The AP is attached to a bridge br-lan.
When I run for example:
tcpdump port 5201 -s 0 -ni wlan0
TCPdump is not ...
0
votes
1
answer
191
views
Is there a way to limit number of packet captures with tcpflow?
I want to limit the number of captured packets, such as:
tcpdump -c 20
I want to use tcpflow instead. Is this possible? The console throws a syntax error using tcpflow with the -c parameter.
edit - ...
2
votes
2
answers
1k
views
Program to record data transmission between two computers using a TCP port
I am looking for a way to view data being transmitted over a TCP port between two computers.
Is there a software package that allows this? I suppose I could script something to re-route data coming ...
6
votes
2
answers
22k
views
How to make tcpdump (or other tool) to actually dump TCP stream?
I expect something like this:
$ nc example.com 80
GET / HTTP/1.0
HTTP/1.0 500 K.O.
Content-Type: application/null
Content-Length: -1
$
Meanwhile:
# tcpdump -i eth0 --actually-dump-all-tcp
217.21....
17
votes
6
answers
49k
views
How to capture last N seconds of packets using tcpdump
How can I capture the last N seconds of packets using tcpdump?
0
votes
1
answer
4k
views
tcpdump not showing all packets? [duplicate]
Possible Duplicate:
my tcpdump always filters packets?
I've been using tcpdump for about a month now, and recently, it has stopped capturing any packets that were not sent to or from the computer ...
1
vote
1
answer
3k
views
tcpdump missing on Cygwin v1.7.7 for packet sniffing
I am trying to debug why my TCP packets are truncated. I see that only the first 24 bytes of each packet are showing up in my program. The 25th through 28th bytes are scrambled and all others after ...