[Dshield] Off topic tcpdump question - please

Jim Tagart Jim.Tagart at bellcold.com
Fri May 24 20:08:24 GMT 2002


Here's one way...

tcpdump -Rc -s1500 -l 'host myHost' > /tmp/myHostDump.txt &

myHost can be an IP also. This is what I use on DG/UX. Here's another sample
that I used to help diagnose an LPD problem we were having. It just gets
traffic between the 2 hosts on port 515.

tcpdump -Rc -s1500 -l 'host production' and 'host boxingline' and 'port 515'
> /tmp/515-problems-dump.txt &

Jim 

> -----Original Message-----
> From:	Tim Lamberth [SMTP:tim at tllabs.net]
> Sent:	Friday, May 24, 2002 12:21 PM
> To:	list at dshield.org
> Subject:	[Dshield] Off topic tcpdump question - please
> 
> Could a *nix guru of sorts please tell me the correct syntax to use with 
> tcpdump to dump packets from a specific host on the local network to a
> file 
> for parsing? 
> 
> TIA 
> 
> Tim Lamberth
> tim at tllabs.net 
> 
> "Every man is a genius until he opens his mouth"
> 
> _______________________________________________
> Dshield mailing list
> Dshield at dshield.org
> To change your subscription options (or unsubscribe), see:
> http://www.dshield.org/mailman/listinfo/list




More information about the list mailing list