
RE: tcpdump flags



Thanks to all who responded.  I have overlooked the -x command.

Thanks
-Deepak
-----Original Message-----
From: Michael Coulter [mailto:mjc_(_at_)_bitz_(_dot_)_ca]
Sent: Sunday, September 02, 2001 3:07 PM
To: shad0wlight_(_at_)_softhome_(_dot_)_net
Cc: misc_(_at_)_openbsd_(_dot_)_org
Subject: Re: tcpdump flags


On Sun, Sep 02, 2001 at 07:29:37PM +0200, Nikolay Sturm wrote:
> * shad0wlight <shad0wlight_(_at_)_softhome_(_dot_)_net> [2001-09-02]:
> > not able to figure out how to use tcpdump to print out the data
> 
> Try -x, if you can read hex that is.

On newer versions it seems that -X will dump in ASCII.

If your version is too old, there is already a nice Perl
script. The homepage was down when I checked, however
I found it here as well.

http://ftp7.usa.openbsd.org/pub/tools/unix/sysutils/tcpdump2ascii/

Another cute trick to try is the following:

tcpdump -w - | strings

Or if you are serious about analyzing the packets, dump to
a file and process it with ethereal.

- Mike
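
The hex-to-ASCII step discussed in this thread, as an added example that is not part of the original messages and is not the code of the Perl script mentioned above: a small Python reader for `tcpdump -x` text output that renders the bytes as ASCII and strips the IPv4/TCP headers. The sample capture, its addresses and the function names are constructed for illustration.

```python
import re

# Constructed sample, classic `tcpdump -x` layout: summary line, then hex rows from the IP header.
SAMPLE = """\
19:29:37.000001 10.0.0.1.1234 > 10.0.0.2.80: P 1:17(16) ack 1 win 17520
\t\t\t 4500 0038 1234 4000 4006 0000 0a00 0001
\t\t\t 0a00 0002 04d2 0050 0000 0001 0000 0001
\t\t\t 5018 4470 0000 0000 4745 5420 2f20 4854
\t\t\t 5450 2f31 2e30 0d0a
"""

# Indented row of hex words, with an optional "0x0000:" offset (newer builds).
HEX_ROW = re.compile(
    r"^\s+(?:0x[0-9a-fA-F]+:\s+)?((?:(?:[0-9a-fA-F]{2}){1,2}(?:\s+|$))+)$")


def parse_packets(text):
    """Return [(summary_line, packet_bytes)] from `tcpdump -x` text output."""
    packets = []
    for line in text.splitlines():
        m = HEX_ROW.match(line)
        if m:
            if not packets:                      # hex rows with no summary line
                packets.append(["", bytearray()])
            packets[-1][1] += bytes.fromhex("".join(m.group(1).split()))
        elif line.strip():
            packets.append([line.strip(), bytearray()])
    return [(summary, bytes(data)) for summary, data in packets]


def to_ascii(data):
    """Keep printable ASCII; show every other byte as '.'."""
    return "".join(chr(b) if 0x20 <= b <= 0x7E else "." for b in data)


def tcp_payload(pkt):
    """Drop IPv4 and TCP headers via their length fields; None if not IPv4/TCP."""
    if len(pkt) < 20 or pkt[0] >> 4 != 4 or pkt[9] != 6:
        return None
    ihl = (pkt[0] & 0x0F) * 4                    # IPv4 header length in bytes
    if ihl < 20 or len(pkt) < ihl + 20:
        return None
    doff = (pkt[ihl + 12] >> 4) * 4              # TCP data offset in bytes
    return pkt[ihl + doff:] if doff >= 20 else None


if __name__ == "__main__":
    for summary, pkt in parse_packets(SAMPLE):
        print(summary, to_ascii(pkt), to_ascii(tcp_payload(pkt) or b""), sep="\n  ")
```

Older tcpdump builds capture only a short prefix of each packet by default, so the hex rows may stop before the payload ends; -s raises that snapshot length.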


