>>>>> "Hannes" == Hannes Gredler <[EMAIL PROTECTED]> writes:

    Hannes> I typically use the following command for remote capturing:

    Hannes> ssh [EMAIL PROTECTED] "sudo tcpdump -ni eth0 -s 0 -w -" > capture-file.pcap

Yeah, this is probably the best thing.
Use the tools to build a good system.

The sudo can be made passwordless for certain groups, and can force the
command, or in the case of systems with BPF devices, the device can be
chgrp'ed.

-- 
] Michael Richardson          Xelerance Corporation, Ottawa, ON |  firewalls  [
] mcr @ xelerance.com           Now doing IPsec training, see   |net architect[
] http://www.sandelman.ca/mcr/    www.xelerance.com/training/   |device driver[
] panic("Just another Debian GNU/Linux using, kernel hacking, security guy"); [

-
This is the tcpdump-workers list.
Visit https://lists.sandelman.ca/ to unsubscribe.
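
The passwordless, command-restricted sudo setup described in the reply above, sketched as a sudoers drop-in. This is an added example, not part of the original message; the group name `pcap`, the file name and the path `/usr/sbin/tcpdump` are assumptions, while the interface and flags are taken from the quoted ssh command.

```sudoers
# /etc/sudoers.d/remote-capture   (hypothetical file name)
# Assumptions: the group "pcap" and the path /usr/sbin/tcpdump are
# illustrative; the interface and flags come from the quoted ssh command.

# Pin the full argument list. sudo then accepts only this exact invocation,
# so group members cannot pass any other tcpdump options (for example,
# writing a savefile to an arbitrary path) while running as root.
Cmnd_Alias REMOTE_CAPTURE = /usr/sbin/tcpdump -ni eth0 -s 0 -w -

# ssh runs the remote command without a tty. Some distributions ship
# "Defaults requiretty", which would make sudo refuse the request.
Defaults:%pcap !requiretty

# Members of pcap may run only REMOTE_CAPTURE, as root, without a password
# prompt (a non-interactive ssh session has nothing to answer a prompt with).
%pcap ALL = (root) NOPASSWD: REMOTE_CAPTURE
```

Check the file with `visudo -cf` before installing it; `sudo -l` run as a group member should then list only the pinned command.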