Message-ID: <4496A451.3090700@csuohio.edu>
Date: Mon Jun 19 14:18:35 2006
From: michael.holstein at csuohio.edu (Michael Holstein)
Subject: tcpdump logfile viewer

> Are there any viewers for tcpdump log files ?
>  
> 1)
>     a) On Linux

tcpdump -r /some/file

>     b) on Windows

tcpdump -r /some/file

>     c) as an HTML server

Not offhand, but it'd be trivial to write a CGI to do this. An easy 
cheat would be to write a snort rule to log everything, run the packets 
through snort with -r, log them to mysql, and use ACID to look at them. 
This will be one-packet-per-page, though. Probably better to wrap 
tethereal with a CGI script or some-such though.

> 2)
>     a) text dump file

tcpdump -Xr /some/file

>     b) binary dump file

hexedit /some/file

As someone already pointed out, if you want a nice GUI to look at them 
(and do advanced protocol decodes) use Ethereal (or tethereal for text 
output). Note that the display expressions in [t|e]thereal are different 
than the BPF expressions used to capture.

Cheers,

Michael Holstein CISSP GCIA
Cleveland State University
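
Added example, not part of the original message: a minimal reader for the binary file that `tcpdump -w` produces, showing what a hex editor would display at the start of the file and of each record, plus an offset/hex/ASCII dump of each packet. It assumes the classic libpcap layout with microsecond timestamps (not pcapng or the nanosecond variant); the function names and the sample capture are constructed for illustration.

```python
import struct

PCAP_MAGIC = 0xA1B2C3D4  # classic libpcap magic, microsecond timestamps

def read_pcap(data):
    """Parse pcap bytes -> (linktype, snaplen, [(ts_sec, ts_usec, orig_len, bytes)])."""
    if len(data) < 24:
        raise ValueError("shorter than the 24-byte pcap global header")
    # The writer's byte order is only known from how the magic reads.
    for endian in ("<", ">"):
        if struct.unpack(endian + "I", data[:4])[0] == PCAP_MAGIC:
            break
    else:
        raise ValueError("not a classic pcap file (bad magic)")
    _major, _minor, _zone, _sigfigs, snaplen, linktype = struct.unpack(
        endian + "HHiIII", data[4:24])
    packets, off = [], 24
    while off + 16 <= len(data):
        ts_sec, ts_usec, incl_len, orig_len = struct.unpack(
            endian + "IIII", data[off:off + 16])
        off += 16
        if incl_len > len(data) - off:
            break  # capture cut off mid-record: keep what parsed cleanly
        packets.append((ts_sec, ts_usec, orig_len, data[off:off + incl_len]))
        off += incl_len
    return linktype, snaplen, packets

def hexdump(payload, width=16):
    """Offset / hex / ASCII rows, similar in spirit to `tcpdump -X` output."""
    rows = []
    for i in range(0, len(payload), width):
        chunk = payload[i:i + width]
        hexpart = " ".join(f"{b:02x}" for b in chunk)
        text = "".join(chr(b) if 32 <= b < 127 else "." for b in chunk)
        rows.append(f"0x{i:04x}:  {hexpart:<{width * 3}}{text}")
    return rows

# Constructed sample: one 20-byte "packet" in a little-endian capture file.
SAMPLE_PAYLOAD = b"GET / HTTP/1.0\r\n\r\n\x00\xff"
SAMPLE = (struct.pack("<IHHiIII", PCAP_MAGIC, 2, 4, 0, 0, 65535, 1)
          + struct.pack("<IIII", 1150726715, 0, 20, 20) + SAMPLE_PAYLOAD)

if __name__ == "__main__":
    linktype, snaplen, pkts = read_pcap(SAMPLE)
    for ts_sec, ts_usec, orig_len, payload in pkts:
        print(f"{ts_sec}.{ts_usec:06d} len={orig_len} linktype={linktype}")
        print("\n".join(hexdump(payload)))
```

The payload bytes are returned undecoded; interpreting them depends on the link type in the file header (1 is Ethernet).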
