02-20-2010, 05:03 AM
Hadi Motamedi

tcpdump?

Dear All

I have put tcpdump trace on port 4957 on my CentOS server, as the following:

#tcpdump port 4957

I want to obtain the payload data to see what is really being exchanged between my CentOS server and the outside network element. Can you please let me know how I can modify my command?

Thank you

_______________________________________________
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos
 
02-20-2010, 05:05 AM
Hadi Motamedi

tcpdump?

Dear All
I have put tcpdump trace on port 4957 on my Debian server, as the following:
#tcpdump port 4957
I want to obtain the payload data to see what is really being exchanged between my Debian server and the outside network element. Can you please let me know how I can modify my command?
Thank you
 
02-20-2010, 05:19 AM
frank thyes

tcpdump?

On Sat, 2010-02-20 at 06:05 +0000, Hadi Motamedi wrote:
> Dear All
> I have put tcpdump trace on port 4957 on my Debian server, as the
> following:
> #tcpdump port 4957
> I want to obtain the payload data to see what is really being exchanged
> between my Debian server and the outside network element. Can you
> please let me know how I can modify my command?

RTFM - if you don't know how to read manuals start with "man man"

Frank



--
To UNSUBSCRIBE, email to debian-user-REQUEST@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmaster@lists.debian.org
Archive: http://lists.debian.org/1266646753.2310.5.camel@leela
 
02-20-2010, 05:26 AM
Hadi Motamedi

tcpdump?

> Subject: Re: tcpdump?
> From: frank@anotheria.net
> CC: debian-user@lists.debian.org
> Date: Sat, 20 Feb 2010 07:19:13 +0100
> To: debian-user@lists.debian.org
>
> On Sat, 2010-02-20 at 06:05 +0000, Hadi Motamedi wrote:
> > Dear All
> > I have put tcpdump trace on port 4957 on my Debian server, as the
> > following:
> > #tcpdump port 4957
> > I want to obtain the payload data to see what is really being exchanged
> > between my Debian server and the outside network element. Can you
> > please let me know how I can modify my command?
>
> RTFM - if you don't know how to read manuals start with "man man"
>
> Frank

Sorry. I mean inside the payload data (as I have obtained the output by tracing with tcpdump). I need to decode the exchanged data.


 
02-20-2010, 05:33 AM
Andrei

tcpdump?

use -i <interface name> ex. tcpdump -i eth0 port 4957 -nn -vv etc.
man tcpdump for more options.
--Andrei

2010/2/20 Hadi Motamedi <motamedi24@hotmail.com>

> Dear All
>
> I have put tcpdump trace on port 4957 on my CentOS server, as the following:
>
> #tcpdump port 4957
>
> I want to obtain the payload data to see what is really being exchanged between my CentOS server and the outside network element. Can you please let me know how I can modify my command?
>
> Thank you
 
02-20-2010, 06:01 AM
Alex Samad

tcpdump?

On Sat, Feb 20, 2010 at 06:26:07AM +0000, Hadi Motamedi wrote:
>
>

[snip]

> Sorry. I mean inside the payload data (as I have obtained the output by tracing with tcpdump). I need to decode the exchanged data.
try wireshark



--
"What I think the president ought to do [when gas prices spike] is he ought to get on the phone with the OPEC cartel and say we expect you to open your spigots."

- George W. Bush
01/26/2006
Manchester, NH
in a Republican Primary debate
 
02-20-2010, 06:22 AM
Hadi Motamedi

tcpdump?

> Date: Sat, 20 Feb 2010 18:01:49 +1100
> From: alex@samad.com.au
> To: debian-user@lists.debian.org
> Subject: Re: tcpdump?
>
> On Sat, Feb 20, 2010 at 06:26:07AM +0000, Hadi Motamedi wrote:
> >
> >
>
> [snip]
>
> > Sorry. I mean inside the payload data (as I have obtained the output by tracing with tcpdump). I need to decode the exchanged data.
> try wireshark
>
> --
> "What I think the president ought to do [when gas prices spike] is he ought to get on the phone with the OPEC cartel and say we expect you to open your spigots."
>
> - George W. Bush
> 01/26/2006
> Manchester, NH
> in a Republican Primary debate


I have Wireshark on my MS Windows platform. I captured the tcpdump output in a file and opened it in Wireshark, but I cannot find how to decode the UDP payload data in ASCII format. Can you please let me know how I can do that in Wireshark?


 
02-20-2010, 07:42 AM
Brent Clark

tcpdump?

On 20/02/2010 08:05, Hadi Motamedi wrote:

> Dear All
> I have put tcpdump trace on port 4957 on my Debian server, as the
> following:
>
> #tcpdump port 4957
> I want to obtain the payload data to see what is really being exchanged
> between my Debian server and the outside network element. Can you
> please let me know how I can modify my command?
>
> Thank you


Hiya

Use tcpflow

i.e.
tcpflow -c port 4957

HTH

Brent Clark


 
02-20-2010, 08:49 AM
Camaleón

tcpdump?

On Sat, 20 Feb 2010 06:26:07 +0000, Hadi Motamedi wrote:

> Sorry. I mean inside the payload data (as I have obtained the output by
> tracing with tcpdump). I need to decode the exchanged data.

Does "tcpshow" help?

***
tcpshow - decode a tcpdump savefile

(...)

tcpshow reads a tcpdump(1) savefile and provides a reasonably complete
decode of Ethernet, IP, ICMP, UDP and TCP headers, in packets that match
the boolean expression. The data belonging to these packets is displayed
in ASCII.
***

Greetings,

--
Camaleón


 
02-20-2010, 09:36 AM
Alexander Dalloz

tcpdump?

On 20.02.2010 07:03, Hadi Motamedi wrote:
>
> Dear All
>
> I have put tcpdump trace on port 4957 on my CentOS server, as the following:
>
> #tcpdump port 4957
>
> I want to obtain the payload data to see what is really being exchanged between my CentOS server and the outside network element. Can you please let me know how I can modify my command?
>
> Thank you

tcpdump -i ethX -p -s 0 -w /path/to/4957.trace.pcap port 4957

After finishing the trace you can load the saved pcap file into
wireshark for a detailed analysis.

Alexander
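
What the replies above converge on (a full-length capture written with `-s 0 -w`, then the UDP payload shown as ASCII), as an added Python example that is not part of any post in this thread: it reads a classic pcap savefile captured on Ethernet and yields each UDP payload on port 4957, flagging packets that the snap length cut short. The sample capture, its addresses and its payload text are constructed for illustration.

```python
import struct

def udp_payloads(pcap: bytes, port: int):
    """Yield (src, sport, dst, dport, payload, truncated) per UDP packet on `port`."""
    if pcap[:4] == b"\xd4\xc3\xb2\xa1":
        end = "<"                       # savefile written on a little-endian host
    elif pcap[:4] == b"\xa1\xb2\xc3\xd4":
        end = ">"
    else:
        raise ValueError("not a classic pcap savefile (pcapng not handled)")
    if struct.unpack(end + "I", pcap[20:24])[0] != 1:
        raise ValueError("only Ethernet (linktype 1) captures are handled")
    off = 24                            # first record follows the 24-byte file header
    while off + 16 <= len(pcap):
        _sec, _usec, incl, orig = struct.unpack(end + "IIII", pcap[off:off + 16])
        frame = pcap[off + 16:off + 16 + incl]
        off += 16 + incl
        if len(frame) < 34 or frame[12:14] != b"\x08\x00" or frame[23] != 17:
            continue                    # not IPv4 carrying UDP (IP protocol 17)
        if struct.unpack(">H", frame[20:22])[0] & 0x1FFF:
            continue                    # later IP fragment: no UDP header in it
        udp = frame[14 + (frame[14] & 0x0F) * 4:]
        if len(udp) < 8:
            continue                    # UDP header itself was cut off
        sport, dport, ulen = struct.unpack(">HHH", udp[:6])
        if port in (sport, dport):
            src, dst = (".".join(map(str, frame[i:i + 4])) for i in (26, 30))
            yield src, sport, dst, dport, udp[8:ulen], incl < orig

def to_ascii(data: bytes) -> str:
    """Printable ASCII as-is, every other byte as '.'."""
    return "".join(chr(b) if 32 <= b < 127 else "." for b in data)

def sample_pcap() -> bytes:
    """Constructed capture: one full packet, one cut short by a small snaplen."""
    data = b"STATUS OK\r\n"
    udp = struct.pack(">HHHH", 40000, 4957, 8 + len(data), 0) + data
    ip = struct.pack(">BBHHHBBH4s4s", 0x45, 0, 20 + len(udp), 0, 0, 64, 17, 0,
                     bytes([192, 0, 2, 10]), bytes([192, 0, 2, 20]))
    frame = bytes(12) + b"\x08\x00" + ip + udp
    out = struct.pack("<IHHiIII", 0xA1B2C3D4, 2, 4, 0, 0, 65535, 1)
    for incl in (len(frame), 48):       # 48 bytes keeps only 6 payload bytes
        out += struct.pack("<IIII", 0, 0, incl, len(frame)) + frame[:incl]
    return out

if __name__ == "__main__":
    for src, sp, dst, dp, data, cut in udp_payloads(sample_pcap(), 4957):
        print(f"{src}:{sp} > {dst}:{dp} {to_ascii(data)!r} truncated={cut}")
```

To use it on a real trace, pass the bytes of the saved file in place of `sample_pcap()`; a `truncated` flag of `True` means the capture was taken with a snap length shorter than the packet.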
 
