01-17-2008
tcpdump question
Hi, I got the following question regarding tcpdump and I would appreciate your help/feedback:
--Scenario
I am instructed to capture the network traffic by getting the tcpdump data/files of our network for every hour.
--Problem
Some of the connections are still open when the capture is done at the end of 30 minutes. How do I link these open connections in different tcpdump files?
--example
Connection A: 192.168.10.1:1686 --> 192.168.10.22:139
connection A starts: 12:25
connection A ends: 12:45
Data capture: 12:00-12:30 (file1), 12:30-1:00 (file2)
Will there be two connections (for connection A) -- one in file1, the other in file2? Will their connection start time be the SAME or DIFFERENT?
Please help!!
Thanks!!
Jay
9 More Discussions You Might Find Interesting
1. Programming
I have two net-card. one is 172.16.24.99(ENG) ,another is 172.16.25.99(ENG-B). Both masks is 255.255.255.0.
I will monitor data on the tcp port 8055 in ENG, How do I set option of tcpdump command (2 Replies)
Discussion started by: chenhao_no1
2 Replies
2. UNIX for Dummies Questions & Answers
does anybody know what the -d -dd and -ddd options are used for ?
thanks (2 Replies)
Discussion started by: ant04
2 Replies
3. Cybersecurity
i would like to know about tcpdump
i would like to use tcpdump to get information about these
- Date
- time
- source hostname
- source mac address
- source ip address
- destination ip address
- see outbound only
then i use command like this
tcpdump -i le0 -n -q -tttt -e src net... (0 Replies)
Discussion started by: chamnanpol
0 Replies
4. IP Networking
i would like to know about tcpdump
i would like to use tcpdump to get information about these
- Date
- time
- source hostname
- source mac address
- source ip address
- destination ip address
- see outbound only
then i use command like this
tcpdump -i le0 -n -q -tttt -e src net... (2 Replies)
Discussion started by: chamnanpol
2 Replies
5. UNIX for Dummies Questions & Answers
Hello everyone!
I installed OpenWRT on a WRT54G-TM (linux 2.4). No problem so far!. I also installed tcpdump on the box.
I set the adapter in monitor mode.
wlc monitor 1
It created the prism0 interface. Tcpdumpíng is also possible using this interface.
root@cmWRT:/tmp# tcpdump -i... (1 Reply)
Discussion started by: aztroboy
1 Replies
6. IP Networking
Please look at the third line that the windows size is 257, but in the fourth line it sends 992 bytes. Can anyone tell me why?
Thanks in advance!!!
http://life.chinaunix.net/bbsfile/month_1108/1108241440ce458925d2bb6d73.png (3 Replies)
Discussion started by: cateran
3 Replies
7. IP Networking
Hi,
I am trying to capture manually crafted IP packets, created using Scapy, to a pcap file that can later be replayed using tcpreplay.
When using wireshark, I can successfully capture these packets and view them in wireshark.
However, when using tcpdump, these packets are then shown in... (2 Replies)
Discussion started by: yotamhc
2 Replies
8. Debian
Hi.
Need Help with TcpDump
Trying to sniff associatio-request with tcpdump but when i run this tcpdump -i eth0 wlan subtype assoc-req i get this error
can anyone help me with this error ? Thanks alot !!:) (1 Reply)
Discussion started by: SoulZB
1 Replies
9. IP Networking
I've recently started learning to use TCPdump, and I find it pretty interesting. There's one thing I don't understand. When I tell it to capture packets on, say, the WiFi interface en1, it often captures packets sent or received by other hosts on the network. How can it do this? My... (3 Replies)
Discussion started by: Ultrix
3 Replies
LEARN ABOUT SUSE
tgt-setup-lun
tgt-setup-lun(8) System Manager's Manual tgt-setup-lun(8)
NAME
tgt-setup-lun - creates a target, adds a device to the target and defines initiators that can connect to the target
SYNOPSIS
tgt-setup-lun -d device -n target_name [initiator_IP1 initiator_IP2 ...] [-h]
DESCRIPTION
Starts tgtd if necessary and creates a target according to the supplied target_name. The format of the target name is as follows:
iqn.2001-04.com.<hostname>-<target_name> The target name must be unique.
The script then adds the requested device to the target. If specific IP addresses are defined, it adds them to the list of allowed initia-
tors for that target. If no IP addresses is defined, it defines that the target accepts any initiator.
EXAMPLES
Create a target that uses /dev/sdb1 and allows connections only from 192.168.10.81:
tgt-setup-lun -d /dev/sdb1 -n my_target 192.168.10.81
Create a target that uses /dev/sdb1 and allows connections only from 192.168.10.81 and 192.168.10.82:
tgt-setup-lun -d /dev/sdb1 -n my_target 192.168.10.81 192.168.10.82
Create a target that uses /dev/sdb1 and allows connections from any initiator:
tgt-setup-lun -d /dev/sdb1 -n my_target
Display help:
tgt-setup-lun -h
AUTHOR
Written by Erez Zilber
REPORTING BUGS
Report bugs to <erezz@voltaire.com>.
COPYRIGHT
Copyright (C) Voltaire Ltd. 2008.
tgt-setup-lun(8)