tcpdump help
Results 1 to 6 of 6

Thread: tcpdump help

Hybrid View

  1. #1
    Member
    Join Date
    Feb 2003
    Posts
    35

    tcpdump help

    Ok, I've been tumping a lot of traffic with the command: tcpdump -i eth1 -s 1500 -X -vvv -w packetlog.

    Now, when I try to read the capture into Etherreal (on Windows) it crashes the app and tells me the file is corrupt. Also, when I read the file back into tcpdump using tcpdump -i eth1 -s 1500 -X -vvv -r packetlog, it takes forever to read, pausing over certain packets for a very long time. Is this mornal. Am I adding a CLI switch to tcpdump that I can do without?

    Advice please for a tcpdumo newbie.

  2. #2
    Senior Member IKnowNot's Avatar
    Join Date
    Jan 2003
    Posts
    792
    Well, first off, you did not specify what version of RedHat you are using: would be nice to know.

    My guess is it is a path problem.

    is /usr/sbin in your path?

    try
    echo $PATH
    to find out

    My guess also is you are using not using the root account ( GOOD ! ) to do this, but used some means to gain root access.
    if you used
    su
    to utilize root access, maybe try instead
    su -
    to utilize the root's paths as well?
    " And maddest of all, to see life as it is and not as it should be" --Miguel Cervantes

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •