Hi all, I've been using tcpdump and netcat to achieve what I call "Pcap-over-IP", as described here: http://www.netresec.com/?page=Blog&month=2011-09&post=Pcap-over-IP-in-NetworkMiner
This is a very simple solution that allows me to capture network traffic from remote devices, such as firewalls etc. However, it would be even better if tcpdump would have native support for Pcap-over-IP so that I wouldn't have to use netcat. What do you guys think? Would it be relevant to implement a Pcap-over-IP client in tcpdump? /erik - This is the tcpdump-workers list. Visit https://cod.sandelman.ca/ to unsubscribe.
