Stefan
-i accepts both an interface and a pcap file. I have just updated the help
Luca
On 07/04/2013 05:23 PM, Stefan wrote:
Luca,
Mark and I went to check the "old" way:
$ ntop --help | grep 'dump file'
[-f <file> | --traffic-dump-file <file>] Traffic dump
file (see tcpdump)
No such option in ntopng, whereas the --help is not obvious in the
fact that:
ntopng [...] [-i <iface>]
could actually include <trafic dump file>, also, as you indicated below.
Thanks,
Stefan
On Jul 4, 2013 1:35 AM, "Luca Deri" <[email protected]
<mailto:[email protected]>> wrote:
Stefan
I don't know what you mean exactly but you can do "ntopng -i
my.pcap" and ntop will read packets from my.pcap file
Luca
On Jul 3, 2013, at 5:19 PM, Stefan <[email protected]
<mailto:[email protected]>> wrote:
Mark,
Have you received any replies ref the usage on a pcap file? If
what you said is a removed feature, moving forward, then it would
be a very critical piece missing,
As a side note: I actually discovered ntop when doing my gold
cert with SANS, many, many years ago, when running the pcap files
through it revealed to me issues which otherwise I would have
missed, concerning forensics of an intrusion. Have liked it
since, and continued to follow its development, then acquired
nprobe as another nice tool. And - of course - used it a "active"
network tool, also.
***Stefan
On Tue, Jul 2, 2013 at 2:45 PM, Mark Davis <[email protected]
<mailto:[email protected]>> wrote:
Thanks! Didn't realize that was another application
dependency... "apt-get install redis-server" did it.
I take it that this version of Ntopng doesn't have the
capability to load pcap files, is that correct? I no longer
can use an option -f, and I don't see a pcap file load option
under the --help for ntopng:
<snip>
_______________________________________________
Ntop mailing list
[email protected]
http://listgateway.unipi.it/mailman/listinfo/ntop
_______________________________________________
Ntop mailing list
[email protected]
http://listgateway.unipi.it/mailman/listinfo/ntop
