Re: can tcpdump capture more than packet headers?
- From: "eddie" <Edward.Storey@xxxxxxxxx>
- Date: 24 Sep 2006 14:01:04 -0700
thanks guys - the -X option looks good - gave it a quick go before but
still seemed to be just packet headers. Will give it a good test this
evening.
Chris Lowth wrote:
Allen Kistler wrote:
eddie wrote:
No excuses for ignorance but I have been playing with tcpdump to
capture application data passing between two computers (no switch). All
that seems to be displayed is packet header information. The
client(-server) application is communicating using the netbios-ssn
(netbeui) protocol. I have tried increasing the packet size (using -s)
still no joy. Can I capture data from the 'higher' layers(above network
layer on osi model)?
tcpdump can capture it all.
I'm uncertain how much tcpdump can dissect of NetBEUI, though.
Use -v, -vv, or -vvv to display additional info.
You may need to write to a file, then analyze with WireShark (or just
capture with WireShark).
try -X or -XX with -s<length> to specify the largest pkt size you expect.
See "man tcpdump".
C
.
- References:
- can tcpdump capture more than packet headers?
- From: eddie
- Re: can tcpdump capture more than packet headers?
- From: Allen Kistler
- Re: can tcpdump capture more than packet headers?
- From: Chris Lowth
- can tcpdump capture more than packet headers?
- Prev by Date: Enabling the Intel 82562ET Nic
- Next by Date: Stats comp.os.linux.networking (last 7 days)
- Previous by thread: Re: can tcpdump capture more than packet headers?
- Next by thread: How to install rpm or, software on remote linux server
- Index(es):
Relevant Pages
|
