04-02-2008
snoop command on Sun box
Hi Gang:
Need some help with a snoop command. Sun box (Solaris 8) has 4 NIC cards,
I need to snoop one address and output that to a file so Wireshark can read it. Can anyone help me out..?
Think it's something like....
snoop -i 10.10.10.10 -o snoop_output
LEARN ABOUT OSX
newproc.d
newproc.d(1m) USER COMMANDS newproc.d(1m)
NAME
newproc.d - snoop new processes. Uses DTrace.
SYNOPSIS
newproc.d
DESCRIPTION
newproc.d is a DTrace OneLiner to snoop new processes as they are run. The argument listing is printed.
This is useful to identify short-lived processes that are usually difficult to spot using traditional tools.
Docs/oneliners.txt and Docs/Examples/oneliners_examples.txt in the DTraceToolkit contain this as a oneliner that can be cut-n-paste to run.
Since this uses DTrace, only users with root privileges can run this command.
EXAMPLES
This prints new processes until Ctrl-C is hit.
# newproc.d
FIELDS
CPU The CPU that received the event
ID A DTrace probe ID for the event
FUNCTION:NAME
The DTrace probe name for the event
remaining fields
These contain the argument listing for the new process
DOCUMENTATION
See the DTraceToolkit for further documentation under the Docs directory. The DTraceToolkit docs may include full worked examples with verbose descriptions explaining the output.
EXIT
newproc.d will run forever until Ctrl-C is hit.
AUTHOR
Brendan Gregg [Sydney, Australia]
SEE ALSO
execsnoop(1M), dtrace(1M), truss(1)
version 1.00 May 15, 2005 newproc.d(1m)