[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <1090795871.558.17.camel@localhost>
From: frank at knobbe.us (Frank Knobbe)
Subject: FW: Question for DNS pros
On Sun, 2004-07-25 at 13:57, Paul Schmehl wrote:
> For the last time, I have *already* done this. With both a snaplen of 1024
> and a snaplen of 4096. It *hasn't* produced anything useful unless someone
> thinks *this* is useful (I'm using tcpdump on FreeBSD 4.9 RELEASE.):
>
> tcpdump -c 100 -xX -s 4069 -i xl0 -p -w x.x.dump 'udp && host x.x.x.x &&
> port 53' (Our IP has been changed to x.x.x.x)
Paul,
could you please post some *payload* of these packets instead of just
the tcpdump one-liner? Perhaps that's why we confused about your tcpdump
output/usage.
Thanks,
Frank
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 187 bytes
Desc: This is a digitally signed message part
Url : http://lists.grok.org.uk/pipermail/full-disclosure/attachments/20040725/9a3c47d1/attachment.bin
Powered by blists - more mailing lists