The malware has probably reached Australia by now. :)

On Tue, Feb 22, 2011 at 12:42 PM, Jim March <> wrote:
> Sigh.
> I've looked the manual over for tcpdump:
> I've tried the commands:
> ---
> jim@jim-lappy:~$ sudo tcpdump -s 0 -w -i file.pca host
> [sudo] password for jim:
> tcpdump: WARNING: eth0: no IPv4 address assigned
> tcpdump: syntax error
> jim@jim-lappy:~$ sudo tcpdump -s 0 -w -i any file.pca host
> tcpdump: WARNING: eth0: no IPv4 address assigned
> tcpdump: syntax error
> jim@jim-lappy:~$ sudo tcpdump -s 0 -w -i any file.pca
> tcpdump: WARNING: eth0: no IPv4 address assigned
> tcpdump: syntax error
> jim@jim-lappy:~$
> ---
> The man page doesn't give enough examples to tell me how to do this.
> Dangit...any idea what the exact syntax might be?
> WAIT, nevermind, on a hunch I tried using Wireshark with sudo.  Bingo.
> Would have been nice to know...sigh.
> Jim
> On Tue, Feb 22, 2011 at 12:15 PM, Matt Graham <>
> wrote:
>> From: Jim March <>
>> > jim@jim-lappy:~$ sudo tcpdump -s 0 -w file.pca host
>> > tcpdump: WARNING: eth0: no IPv4 address assigned
>> > tcpdump: listening on eth0, link-type EN10MB (Ethernet)
>> >
>> > This comes closer,'s still listening on eth0.
>> > How do I point it to wlan0?
>> The Fine Manual for tcpdump suggests the -i option.  tcpdump goes to the
>> lowest-numbered interface by default, which is sensible, but is not always
>> what you want.
>> --
>> Matt G / Dances With Crows
>> The Crow202 Blog:
>> There is no Darkness in Eternity/But only Light too dim for us to see
>> ---------------------------------------------------
>> PLUG-discuss mailing list -
>> To subscribe, unsubscribe, or to change your mail settings:
> ---------------------------------------------------
> PLUG-discuss mailing list -
> To subscribe, unsubscribe, or to change your mail settings:
PLUG-discuss mailing list -
To subscribe, unsubscribe, or to change your mail settings:

Reply via email to