lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Date: Mon Jun 19 14:18:35 2006
From: michael.holstein at csuohio.edu (Michael Holstein)
Subject: tcpdump logfile viewer

> Are there any viewers for tcpdump log files ?
>  
> 1)
>     a) On Linux

tcpdump -r /some/file

>     b) on Windows

tcpdump -r /some/file

>     c) as an HTML server

Not offhand, but it'd be trivial to write a CGI to do this. An easy 
cheat would be to write a snort rule to log everything, run the packets 
through snort with -r, log them to mysql, and use ACID to look at them. 
This will be one-packet-per-page, though. Probably better to wrap 
tethereal with a CGI script or some-such though.

> 2)
>     a) text dump file

tcpdump -Xr /some/file

>     b) binary dump file

hexedit /some/file

As someone already pointed out, if you want a nice GUI to look at them 
(and do advanced protocol decodes) use Ethereal (or tethereal for text 
output). Note that the display expressions in [t|e]thereal are different 
than the BPF expressions used to capture.

Cheers,

Michael Holstein CISSP GCIA
Cleveland State University

Powered by blists - more mailing lists