craSH wrote:
tcpdump is pretty much just for inspecting the headers of packets, to
capture data and entire sessions, snort would be a good tool to use.
It can be ran on the command line in a way similar to tcpdump and dump
complete data to a pcap file for later inspection with tools such as
ethereal. Generally it isn't recommended to use ethereal for
sniffing/collecting data due to possible security risks that may pose.
On 6/7/05, Rick Barter <[EMAIL PROTECTED]> wrote:
I use tcpdump to trouble-shoot my firewall, set up my rules, etc. I
found the -x option which dumps the packet in hex. Can I view the
packet data with tcpdump or do I need to install Ethereal or something?
Any help is appreciated.
rvb
You might also check into /usr/ports/net/tcpshow. It gives you
the 'snoop' type output.
cheers
