Hi all
How can I use this tcpdump with the following filer
(tcp dst port 138 or tcp dst port or udp dst port 79) and ip[2:2]==48
Thank you
-
This is the tcpdump-workers list.
Visit https://cod.sandelman.ca/ to unsubscribe.
On 01/17/2012 03:55 PM, sth...@nethelp.no wrote:
You may have VLAN tagged packets. try "tcpdump -e -r ..." to see any
Ethernet details, including possible VLAN tags.
That did it!
So, now my searches look like this:
tcpdump -r filename.pcap 'vlan && host 1.1.1.1'
I'm now getting the results I
> I'm experiencing a problem with tcpdump, and I hope you guys can point
> me in a good direction.
>
> Here's the short version: Running "tcpdump -r 10Gig.pcap host 1.1.1.1"
> returns zero frames. Running the same thing without the filter shows tcp
> packets from that IP.
You may have VLAN tagged
Hello all,
I'm experiencing a problem with tcpdump, and I hope you guys can point
me in a good direction.
Here's the short version: Running "tcpdump -r 10Gig.pcap host 1.1.1.1"
returns zero frames. Running the same thing without the filter shows tcp
packets from that IP.
System Configuration:
*
On Jan 16, 2012, at 11:11 PM, rehaf drar wrote:
> my project name is “creating network attack dataset to aid security and
> network researchers “ this dataset must be include specific type of network
> attack
> I will use pcap format to save dataset file and bit twist network
> generator t
my project name is “creating network attack dataset to aid security and
network researchers “ this dataset must be include specific type of network
attack
I will use pcap format to save dataset file and bit twist network
generator to regenerate traffic .
i need full description of file
Hi!
What's your opinions on this? If you aggree, I would start doing some
initial coding sometime in the next few days, and then we can continue
the debate from there - unless I missed that it was dismissed.
Regards,
Ákos Vandra
On 12 January 2012 11:43, Akos Vandra wrote:
> On 12 January 201
