OpenBSD Journal

Making a Connection with tcpdump

Contributed by jose on from the that-other-OS dept.

Linux Journal's website recently ran a pair of pieces on using tcpdump(8) . They're entitled "Making a connection with tcpdump", and part 1 and part 2 ran back to back. You may also be interested in a BSD column which ran last year on OnLamp which covered tcpdump .

Aside from network troubleshooting, tcpdump is a great way to learn about IP networking and infrastructures. It's also a threat to network security the form on sniffers and connection hijacking tools. Read up!

(Comments are closed)


Comments
  1. By Rob () rehartley@sympatico.ca on mailto:rehartley@sympatico.ca

    Sadly, tcpdump is off the air for a while.

    I have recently been enjoying Ethereal which seems to allow even more layer 2 examination.

    It has worked great for IPSEC debugging, and the "wiretap" library seems to pick up where the old libpcap left off.

    Comments
    1. By Jason () jtestart@REMOVEMEryerson.ca on mailto:jtestart@REMOVEMEryerson.ca


      I enjoy Ethereal too but I like tcpdump for those cases where I need to capture some traffic on a Unix machine somewhere for further analysis with Ethereal. I know there is tethereal, but the binary is 4 times the size and is linked to twice the number of libraries.

      Small and simple is nice sometimes!

    2. By Anonymous Coward () on

      wiretap? What library is this? Got url?

      Comments
      1. By Robert () rehartley@sympatico.ca on mailto:rehartley@sympatico.ca

        I found it in a directory called wiretap the source code, along with an explanation about why they went with it instead of using libpcap.

        dwonloaded from:
        http://www.ethereal.com/download.html#sources

        Comments
        1. By Anonymous Coward () on

          uh... there is no such discussion. Can you cut & paste it here?

  2. By Anonymous Coward () on

    That "connection" wouldn't be the source trojan attempting to call home, would it?

Latest Articles

Credits

Copyright © - Daniel Hartmeier. All rights reserved. Articles and comments are copyright their respective authors, submission implies license to publish on this web site. Contents of the archive prior to as well as images and HTML templates were copied from the fabulous original deadly.org with Jose's and Jim's kind permission. This journal runs as CGI with httpd(8) on OpenBSD, the source code is BSD licensed. undeadly \Un*dead"ly\, a. Not subject to death; immortal. [Obs.]