On Oct 11, 2004, at 10:31 AM, Peter Mueller wrote:

I can do that on the one in Seattle, and on the remote router when I
get to Boise, Erich. I'll read up on tcpdump (never used it before) and
give it a go. Thanks for the idea; I'm getting lots of input on tools
I've never had to think about before, and that is why I came to this
forum for help.

E.g.,

tcpdump -i eth0 (or eth1) not port ssh
tcpdump -i eth0 net 192.168.0/24 and not proto \\icmp
tcpdump -i eth0 host 1.2.3.4 or host 5.6.7.8 and not port ssh

Protocols require double-escaping, for example ICMP above. Windump is the
Windows equivalent.


I think Ray is on the right track with spyware. Be sure to check ifconfig
for transmission errors, too.


eth0 Link encap:Ethernet HWaddr 00:C0:9F:3F:44:42
inet addr:1.2.3.21 Bcast:1.2.3.255 Mask:255.255.255.0
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
** This is what you are looking for **
RX packets:54447768 errors:2 dropped:0 overruns:0 frame:1
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
TX packets:52184055 errors:0 dropped:0 overruns:0 carrier:0
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
collisions:0 txqueuelen:1000
**
RX bytes:854678430 (815.0 Mb) TX bytes:2033727102 (1939.5 Mb)
Base address:0xece0 Memory:fe1e0000-fe200000


A few errors - 1 every million or so is usually fine.

P

Thanks for the tutorial, Peter. I'll put it to good use. This incident has taught me that I need to focus on this kind of tool to prepare for emergencies.

Dale Mirenda
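
Added example, not part of the original messages: one way to turn the ifconfig check Peter describes into a repeatable test is to compute errors per million packets for each interface and flag anything above a threshold. It assumes the older net-tools ifconfig layout shown in the thread ("RX packets:N errors:N ..."); the function names, the default threshold of 1 per million, and the eth1 sample stanza are assumptions made for illustration.

```shell
#!/bin/sh
# Added example: per-interface error rate from old-style net-tools ifconfig text.
# The threshold argument (errors per million packets, default 1) is an assumption
# based on the rule of thumb quoted in the thread.

iface_error_rates() {
    awk -v limit="${1:-1}" '
    # A stanza header carries the interface name in the first field.
    /Link encap/ { iface = $1 }
    # Counter lines: "RX packets:N errors:N ..." and "TX packets:N errors:N ..."
    ($1 == "RX" || $1 == "TX") && $2 ~ /^packets:/ {
        pkts = 0; errs = 0
        for (i = 2; i <= NF; i++) {
            n = split($i, kv, ":")
            if (n == 2 && kv[1] == "packets") pkts = kv[2] + 0
            if (n == 2 && kv[1] == "errors")  errs = kv[2] + 0
        }
        # Avoid dividing by zero on an interface that has seen no traffic.
        rate = (pkts > 0) ? errs * 1000000 / pkts : 0
        printf "%s %s packets=%.0f errors=%.0f per_million=%.3f %s\n",
               iface, $1, pkts, errs, rate, (rate > limit) ? "CHECK" : "ok"
    }'
}

# Sample input: the eth0 counters are the ones quoted in the thread;
# the eth1 stanza is constructed to show an interface that fails the check.
sample_ifconfig() {
cat <<'EOF'
eth0      Link encap:Ethernet  HWaddr 00:C0:9F:3F:44:42
          RX packets:54447768 errors:2 dropped:0 overruns:0 frame:1
          TX packets:52184055 errors:0 dropped:0 overruns:0 carrier:0
eth1      Link encap:Ethernet  HWaddr 00:00:00:00:00:01
          RX packets:2000000 errors:150 dropped:0 overruns:0 frame:150
          TX packets:0 errors:0 dropped:0 overruns:0 carrier:0
EOF
}

# On a live host with the same output format: ifconfig | iface_error_rates 1
sample_ifconfig | iface_error_rates 1
```

Because the counters are cumulative since the interface came up, running this twice some minutes apart and comparing the error counts shows whether errors are still accumulating.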


