Re: [tcpdump-workers] pcap next gerneration / adding communication

2005-04-10 Thread Guy Harris
Hannes Gredler wrote: if you want to do live capturing and decode using ethereal/tethereal then you'd simply do: ssh [EMAIL PROTECTED] "sudo tcpdump -ni eth0 -s 0 -w -" | tethereal -nli - That works for Tethereal. For Ethereal, it's a bit more complicated - on UN*X, you'd create a named pipe fil

Re: [tcpdump-workers] pcap next gerneration / adding communication

2005-04-10 Thread Mike Kershaw
> ...although having it in libpcap does mean that applications might, in > theory, be able to capture remotely without having to be changed. Yeah, that would definitely be nice. > However, if authentication is required for remote capture - which I > suspect a lot of sites would want - that migh

Re: [tcpdump-workers] pcap next gerneration / adding communication

2005-04-10 Thread Hannes Gredler
if you want to do live capturing and decode using ethereal/tethereal then you'd simply do: ssh [EMAIL PROTECTED] "sudo tcpdump -ni eth0 -s 0 -w -" | tethereal -nli - /hannes On Sat, Apr 09, 2005 at 05:05:16PM +0200, Pilz Rene wrote: | Thanks for the suggestion. I need it in that way, that I can

Re: [tcpdump-workers] pcap next gerneration / adding communication

2005-04-09 Thread Guy Harris
Mike Kershaw wrote: I have code which does this already for wireless (sending a modified pcap stream basically). Wrapping it in SSL would be trivial (already on the list of stuff to support). Moving this to pure pcap would also be trivial. This seems more application layer than pcap layer -- by th

Re: [tcpdump-workers] pcap next gerneration / adding communication

2005-04-09 Thread Pilz Rene
Thanks for the suggestion. I need it in that way, that I can use it like local captureable network interface. This is due the fact, that I need it in a program which uses the libpcap. In my case is it ethereal. And when I download the files first, then I have no advantage to the solutions, which

Re: [tcpdump-workers] pcap next gerneration / adding communication

2005-04-09 Thread Michael Richardson
-BEGIN PGP SIGNED MESSAGE- > "Hannes" == Hannes Gredler <[EMAIL PROTECTED]> writes: Hannes> i typically use the following command for remote capturing: Hannes> ssh [EMAIL PROTECTED] "sudo tcpdump -ni eth0 -s 0 -w -" > Hannes> capture-file.pcap Yeah, this is probably th

Re: [tcpdump-workers] pcap next gerneration / adding communication

2005-04-09 Thread Hannes Gredler
On Fri, Apr 08, 2005 at 05:15:15AM -0700, Bruce M Simpson wrote: | On Fri, Apr 08, 2005 at 11:57:33AM +0200, Pilz Rene wrote: | > I want to add a feature where someone can connect and use a | > network-interface of a remote computer to capture data. As ronnie | > sahlberg has already pointed out

Re: [tcpdump-workers] pcap next gerneration / adding communication

2005-04-08 Thread Mike Kershaw
> I want to add a feature where someone can connect and use a > network-interface of a remote computer to capture data. As ronnie > sahlberg has already pointed out in the ethereal list, > authentication and athoriztion should be one of the topics there. For > sure the will be several more issue

Re: [tcpdump-workers] pcap next gerneration / adding communication

2005-04-08 Thread Pilz Rene
Yes, but only the packet trace part. I think it is group 8. If it is true, what I have seen as I took a first look at RMON, it works with snmp. So in my point of view it might be only useable for a short trace. /rene Bruce M Simpson wrote: On Fri, Apr 08, 2005 at 11:57:33AM +0200, Pilz Rene wrote

Re: [tcpdump-workers] pcap next gerneration / adding communication

2005-04-08 Thread Bruce M Simpson
On Fri, Apr 08, 2005 at 11:57:33AM +0200, Pilz Rene wrote: > I want to add a feature where someone can connect and use a > network-interface of a remote computer to capture data. As ronnie > sahlberg has already pointed out in the ethereal list, > authentication and athoriztion should be one of t

Re: [tcpdump-workers] pcap next gerneration / adding communication

2005-04-08 Thread Pilz Rene
Guy Harris wrote: On Apr 7, 2005, at 6:19 PM, Felipe Kellermann wrote: b) Couldn't parse. "tarceing" is probably a typo for "traceing"; I don't know whether "pots" is a typo for "ports" or not. He might be referring to support for passive network taps. - This is the tcpdump-workers list. Visi

Re: [tcpdump-workers] pcap next gerneration / adding communication

2005-04-07 Thread Guy Harris
On Apr 7, 2005, at 6:19 PM, Felipe Kellermann wrote: b) Couldn't parse. "tarceing" is probably a typo for "traceing"; I don't know whether "pots" is a typo for "ports" or not. He might be referring to support for passive network taps. - This is the tcpdump-workers list. Visit https://lists.san

Re: [tcpdump-workers] pcap next gerneration / adding communication

2005-04-07 Thread Felipe Kellermann
On Thu, 7 Apr 2005 3:18pm +0200, Pilz Rene wrote: > a) pcap next generation file format > b) Adding functionality for having tarceing pots > > It would be nice to know if I am rigth on this mailing list and to whom I > might have to get into contact for these topics a) Yes, I have recently rais

[tcpdump-workers] pcap next gerneration / adding communication between trace pot and an analysis computer

2005-04-07 Thread Pilz Rene
Hi I want to contribute in two topics to the tcpdump project: a) pcap next generation file format b) Adding functionality for having tarceing pots It would be nice to know if I am rigth on this mailing list and to whom I might have to get into contact for these topics Thanks in advance Regards Re