[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: tcpdump flags

To: shad0wlight@softhome.net
Subject: Re: tcpdump flags
From: Michael Coulter <mjc@bitz.ca>
Date: Sun, 2 Sep 2001 12:07:09 -0700
Cc: misc@openbsd.org
Content-Disposition: inline
References: <DMELKLFGAHBPMEEMOGPPMEMJCIAA.shad0wlight@softhome.net> <20010902192936.E24781@snafu>
User-Agent: Mutt/1.3.17-current-20010415i

On Sun, Sep 02, 2001 at 07:29:37PM +0200, Nikolay Sturm wrote:
> * shad0wlight <shad0wlight@softhome.net> [2001-09-02]:
> > not able to figure out how to use tcpdump to print out the data
> 
> Try -x, if you can read hex that is.

On newer versions it seems that -X will dump in Ascii.

If your version is too old, there is already a nice perl
script. The homepage was down when I checked, however
I found it here as well.

http://ftp7.usa.openbsd.org/pub/tools/unix/sysutils/tcpdump2ascii/

Another cute trick to try is the following:

tcpdump -w - | strings

Or if you are serious about analyzing the packets, dump to
a file and process it with ethereal.

- Mike

Follow-Ups:
- RE: tcpdump flags
  - From: "shad0wlight" <shad0wlight@softhome.net>

References:
- tcpdump flags
  - From: "shad0wlight" <shad0wlight@softhome.net>
- Re: tcpdump flags
  - From: Nikolay Sturm <Nikolay.Sturm@desy.de>

Prev by Date: Re: My Perl isn't working ...
Next by Date: OpenBSD/powerpc port renamed
Prev by thread: Re: tcpdump flags
Next by thread: RE: tcpdump flags
Index(es):
- Date
- Thread