Re: [tcpdump-workers] Suggestion: Pcap-over-IP client support in

> "Rick" == Rick Jones writes: Rick> What are the issues/benefits/downfalls one way or t'other Rick> between the two schemes - over ssh and a specific connection - Rick> when it comes to making certain that this thing forwarding Rick> captured traffic isn't simply chasing its

Re: [tcpdump-workers] Suggestion: Pcap-over-IP client support in

What are the issues/benefits/downfalls one way or t'other between the two schemes - over ssh and a specific connection - when it comes to making certain that this thing forwarding captured traffic isn't simply chasing its own tail forwarding captures of its forwarding of captures of its fowardi

Re: [tcpdump-workers] Suggestion: Pcap-over-IP client support in tcpdump

> "Guy" == Guy Harris writes: Guy> If by "receiving end" you mean that side that receives a stream Guy> of packets, no, nothing prevents that - and implementing the Guy> *sending* end in tcpdump would neither help nor hinder that; Guy> they're orthogonal. In any case, the rec

Re: [tcpdump-workers] Suggestion: Pcap-over-IP client support in tcpdump

> "Erik" == Erik Hjelmvik writes: Erik> I've been using tcpdump and netcat to achieve what I call Erik> "Pcap-over-IP", as described here: Erik> http://www.netresec.com/?page=Blog&month=2011-09&post=Pcap-over-IP-in-NetworkMiner Erik> This is a very simple solution that allow

Re: [tcpdump-workers] Suggestion: Pcap-over-IP client support in

Le 14/09/11 08:16, Erik Hjelmvik a écrit : The reason for why it would be great to have in tcpdump is because tcpdump is an ubiquitous tool that is available practically everywere. Besides, there's nothing that would prevent tcpdump from being at the receiving end of a "Pcap-over-IP" TCP socket.

Re: [tcpdump-workers] Request for new Link-layer header type

Cool, thanks alot! -Ursprüngliche Nachricht- Von: tcpdump-workers-ow...@lists.tcpdump.org [mailto:tcpdump-workers-ow...@lists.tcpdump.org] Im Auftrag von Guy Harris Gesendet: Mittwoch, 14. September 2011 10:17 An: tcpdump-workers@lists.tcpdump.org Betreff: Re: [tcpdump-workers] Request f

Re: [tcpdump-workers] Request for new Link-layer header type

On Sep 14, 2011, at 12:31 AM, wrote: > Yes, that's right, these are the sequences described in sections 3.2.1 and > 3.2.2. Even though, in hexadecimal notation this would be 0x55 0x55 0x55 0x55 > 0x55 0x55 0x55 and 0xd5, respectively (as denoted in section 3.3) Sigh. I guess the bottommost b

Re: [tcpdump-workers] Request for new Link-layer header type

-Ursprüngliche Nachricht- Von: tcpdump-workers-ow...@lists.tcpdump.org [mailto:tcpdump-workers-ow...@lists.tcpdump.org] Im Auftrag von Guy Harris Gesendet: Mittwoch, 14. September 2011 01:08 An: tcpdump-workers@lists.tcpdump.org Betreff: Re: [tcpdump-workers] Request for new Link-layer h