> Date: Sun, 21 Feb 2010 18:11:31 +0000
> From: tzaf...@cohens.org.il
> To: debian-user@lists.debian.org
> Subject: Re: tcpdump?
>
> On Sat, Feb 20, 2010 at 06:05:50AM +0000, Hadi Motamedi wrote:
> >
> > Dear All
> > I have put tcpdump trace on port 4957 on my Debian server , as the
> > following :
> > #tcpdump port 4957
> > I want to obtain the payload data to see what is realy being exchanged
> > between my Debian server and the outside network element . Can you please
> > let me know how I can modify my command ?
>
>
> tcpdump -s0 -w output.pcap port 4957
>
>
> Consider also adding -n if name resolution takes extra time.
>
> This will send output to output.pcap .
>
> Later on run:
>
> wireshark output.pcap
>
> and analyze the flows there.
>
> Naturally you can use other programs.
>
> --
> Tzafrir Cohen | tzaf...@jabber.org | VIM is
> http://tzafrir.org.il | | a Mutt's
> tzaf...@cohens.org.il | | best
> ICQ# 16849754 | | friend
>
>
> --
> To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org
> with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
> Archive: http://lists.debian.org/20100221181130.gw16...@pear.tzafrir.org.il
>
Thank you for your reply . I tried according to your comment , but still the
intended exchanged command cannot be captured on the Wireshark analyze .
_________________________________________________________________
Hotmail: Powerful Free email with security by Microsoft.
https://signup.live.com/signup.aspx?id=60969
