Re: [tcpdump-workers] Suggestion: Pcap-over-IP client support in

2011-09-15 Thread rixed
-[ Wed, Sep 14, 2011 at 09:56:59AM -0700, Rick Jones ]
> What are the issues/benefits/downfalls one way or t'other between the two schemes - over ssh and a specific connection - when it comes to making certain that this thing forwarding captured traffic isn't simply chasing its own tai

Re: [tcpdump-workers] Suggestion: Pcap-over-IP client support in

2011-09-14 Thread Michael Richardson
> "Rick" == Rick Jones writes:
Rick> What are the issues/benefits/downfalls one way or t'other between the two schemes - over ssh and a specific connection - when it comes to making certain that this thing forwarding captured traffic isn't simply chasing its

Re: [tcpdump-workers] Suggestion: Pcap-over-IP client support in

2011-09-14 Thread Rick Jones
What are the issues/benefits/downfalls one way or t'other between the two schemes - over ssh and a specific connection - when it comes to making certain that this thing forwarding captured traffic isn't simply chasing its own tail forwarding captures of its forwarding of captures of its fowardi

Re: [tcpdump-workers] Suggestion: Pcap-over-IP client support in tcpdump

2011-09-14 Thread Michael Richardson
> "Guy" == Guy Harris writes:
Guy> If by "receiving end" you mean that side that receives a stream of packets, no, nothing prevents that - and implementing the *sending* end in tcpdump would neither help nor hinder that; they're orthogonal. In any case, the rec

Re: [tcpdump-workers] Suggestion: Pcap-over-IP client support in tcpdump

2011-09-14 Thread Michael Richardson
> "Erik" == Erik Hjelmvik writes:
Erik> I've been using tcpdump and netcat to achieve what I call "Pcap-over-IP", as described here: http://www.netresec.com/?page=Blog&month=2011-09&post=Pcap-over-IP-in-NetworkMiner This is a very simple solution that allow

Re: [tcpdump-workers] Suggestion: Pcap-over-IP client support in

2011-09-14 Thread Francois Goudal
On 14/09/11 08:16, Erik Hjelmvik wrote: The reason for why it would be great to have in tcpdump is because tcpdump is a ubiquitous tool that is available practically everywhere. Besides, there's nothing that would prevent tcpdump from being at the receiving end of a "Pcap-over-IP" TCP socket.

Re: [tcpdump-workers] Suggestion: Pcap-over-IP client support in tcpdump

2011-09-13 Thread Guy Harris
On Sep 13, 2011, at 11:16 PM, Erik Hjelmvik wrote:
> The reason for why it would be great to have in tcpdump is because tcpdump is a ubiquitous tool that is available practically everywhere.
tcpdump-with-pcap-over-IP-support is a non-existent tool that is available nowhere. :-) If the tcpdum

Re: [tcpdump-workers] Suggestion: Pcap-over-IP client support in tcpdump

2011-09-13 Thread Erik Hjelmvik
2011/9/13 Guy Harris:
> It sounds as if you mean "pcap-over-IP server" here, in that tcpdump would send network traffic over the wire to a client, such as {tcpdump, Wireshark, NetworkMiner, etc.}.
Well, you are right in that my idea was for tcpdump to send libpcap data over TCP to another m

Re: [tcpdump-workers] Suggestion: Pcap-over-IP client support in tcpdump

2011-09-13 Thread Guy Harris
On Sep 13, 2011, at 12:47 PM, Erik Hjelmvik wrote:
> What do you guys think? Would it be relevant to implement a Pcap-over-IP client in tcpdump?
It sounds as if you mean "pcap-over-IP server" here, in that tcpdump would send network traffic over the wire to a client, such as {tcpdump, Wiresha

[tcpdump-workers] Suggestion: Pcap-over-IP client support in tcpdump

2011-09-13 Thread Erik Hjelmvik
Hi all, I've been using tcpdump and netcat to achieve what I call "Pcap-over-IP", as described here: http://www.netresec.com/?page=Blog&month=2011-09&post=Pcap-over-IP-in-NetworkMiner This is a very simple solution that allows me to capture network traffic from remote devices, such as firewalls e