Login or Register to Ask a Question and Join Our Community

Sponsored Content
Full Discussion: tcpdump question
Special Forums IP Networking tcpdump question Post 302159457 by jinsunnyvale on Thursday 17th of January 2008 08:16:33 PM
Old 01-17-2008
tcpdump question
Hi, I got the following question regarding tcpdump and I would appreciate your help/feedback:

--Scenario
I am instructed to capture the network traffic by getting the tcpdump data/files of our network for every hour.

--Problem
Some of the connections are still open when the capture is done at the end of 30 minutes. How do I link these open connections in different tcpdump files?

--example
Connection A: 192.168.10.1:1686 --> 192.168.10.22:139
connection A starts: 12:25
connection A ends: 12:45
Data capture: 12:00-12:30 (file1), 12:30-1:00 (file2)

Will there be two connections (for connection A) -- one in file1, the other in file2? Will their connection start time be the SAME or DIFFERENT?

Please help!!

Thanks!!

Jay
 

9 More Discussions You Might Find Interesting

1. Programming

How To Use tcpdump

I have two net-card. one is 172.16.24.99(ENG) ,another is 172.16.25.99(ENG-B). Both masks is 255.255.255.0. I will monitor data on the tcp port 8055 in ENG, How do I set option of tcpdump command (2 Replies)
Discussion started by: chenhao_no1
2 Replies

2. UNIX for Dummies Questions & Answers

tcpdump

does anybody know what the -d -dd and -ddd options are used for ? thanks (2 Replies)
Discussion started by: ant04
2 Replies

3. Cybersecurity

i would like to know about tcpdump

i would like to know about tcpdump i would like to use tcpdump to get information about these - Date - time - source hostname - source mac address - source ip address - destination ip address - see outbound only then i use command like this tcpdump -i le0 -n -q -tttt -e src net... (0 Replies)
Discussion started by: chamnanpol
0 Replies

4. IP Networking

i would like to know about tcpdump

i would like to know about tcpdump i would like to use tcpdump to get information about these - Date - time - source hostname - source mac address - source ip address - destination ip address - see outbound only then i use command like this tcpdump -i le0 -n -q -tttt -e src net... (2 Replies)
Discussion started by: chamnanpol
2 Replies

5. UNIX for Dummies Questions & Answers

tcpdump and prism headers question

Hello everyone! I installed OpenWRT on a WRT54G-TM (linux 2.4). No problem so far!. I also installed tcpdump on the box. I set the adapter in monitor mode. wlc monitor 1 It created the prism0 interface. Tcpdumpíng is also possible using this interface. root@cmWRT:/tmp# tcpdump -i... (1 Reply)
Discussion started by: aztroboy
1 Replies

6. IP Networking

Can anyone explain this tcpdump question?

Please look at the third line that the windows size is 257, but in the fourth line it sends 992 bytes. Can anyone tell me why? Thanks in advance!!! http://life.chinaunix.net/bbsfile/month_1108/1108241440ce458925d2bb6d73.png (3 Replies)
Discussion started by: cateran
3 Replies

7. IP Networking

tcpdump vs. wireshark

Hi, I am trying to capture manually crafted IP packets, created using Scapy, to a pcap file that can later be replayed using tcpreplay. When using wireshark, I can successfully capture these packets and view them in wireshark. However, when using tcpdump, these packets are then shown in... (2 Replies)
Discussion started by: yotamhc
2 Replies

8. Debian

Tcpdump Help !

Hi. Need Help with TcpDump Trying to sniff associatio-request with tcpdump but when i run this tcpdump -i eth0 wlan subtype assoc-req i get this error can anyone help me with this error ? Thanks alot !!:) (1 Reply)
Discussion started by: SoulZB
1 Replies

9. IP Networking

TCPdump

I've recently started learning to use TCPdump, and I find it pretty interesting. There's one thing I don't understand. When I tell it to capture packets on, say, the WiFi interface en1, it often captures packets sent or received by other hosts on the network. How can it do this? My... (3 Replies)
Discussion started by: Ultrix
3 Replies

LEARN ABOUT SUSE

tgt-setup-lun

tgt-setup-lun(8)					      System Manager's Manual						  tgt-setup-lun(8)

NAME

       tgt-setup-lun - creates a target, adds a device to the target and defines initiators that can connect to the target

SYNOPSIS

       tgt-setup-lun -d device -n target_name [initiator_IP1 initiator_IP2 ...] [-h]

DESCRIPTION

       Starts tgtd if necessary and creates a target according to the supplied target_name. The format of the target name is as follows:
       iqn.2001-04.com.<hostname>-<target_name> The target name must be unique.

       The  script then adds the requested device to the target. If specific IP addresses are defined, it adds them to the list of allowed initia-
       tors for that target. If no IP addresses is defined, it defines that the target accepts any initiator.

EXAMPLES

       Create a target that uses /dev/sdb1 and allows connections only from 192.168.10.81:
       tgt-setup-lun -d /dev/sdb1 -n my_target 192.168.10.81

       Create a target that uses /dev/sdb1 and allows connections only from 192.168.10.81 and 192.168.10.82:
       tgt-setup-lun -d /dev/sdb1 -n my_target 192.168.10.81 192.168.10.82

       Create a target that uses /dev/sdb1 and allows connections from any initiator:
       tgt-setup-lun -d /dev/sdb1 -n my_target

       Display help:
       tgt-setup-lun -h

AUTHOR

       Written by Erez Zilber

REPORTING BUGS

       Report bugs to <erezz@voltaire.com>.

COPYRIGHT

       Copyright (C) Voltaire Ltd. 2008.

																  tgt-setup-lun(8)
All times are GMT -4. The time now is 01:22 PM.
Unix & Linux Forums Content Copyright 1993-2022. All Rights Reserved.
Privacy Policy