search for: tcpdump

I've read everything I've found on tcpdump-smb, and still can't get it to work right. I downloaded the binary from samba.org, and executed the command like so: (The command belowis directly from the README.smb that comes with tcpdump-3.4a5.tar.gz) ./tcpdump -i eth0 port 139 host 192.168.0.1 tcpdump: parse error How do I use it to g...

Hi, This is a froward message from tcpdump-workers mail list: === 8< ================ >8 === From: ef <blob.bb.a@gmail.com> Subject: tcpdump -z: command execution Date: Fri, 27 Aug 2010 09:33:48 +0200 To: tcpdump-workers@lists.tcpdump.org Hello, Thx for tcpdump, very valuable tool! Was looking at the new version of tcpdump a...

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ============================================================================= FreeBSD-SA-05:10.tcpdump Security Advisory The FreeBSD Project Topic: Infinite loops in tcpdump protocol decoding Category: contrib Module: tcpdump Announced: 2005-06-09 Credits: "Vade 79&q...

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ============================================================================= FreeBSD-SA-05:10.tcpdump Security Advisory The FreeBSD Project Topic: Infinite loops in tcpdump protocol decoding Category: contrib Module: tcpdump Announced: 2005-06-09 Credits: "Vade 79&q...

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ============================================================================= FreeBSD-SA-07:06.tcpdump Security Advisory The FreeBSD Project Topic: Buffer overflow in tcpdump(1) Category: contrib Module: tcpdump Announced: 2007-08-01 Credits: "mu-b" Affects:...

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ============================================================================= FreeBSD-SA-07:06.tcpdump Security Advisory The FreeBSD Project Topic: Buffer overflow in tcpdump(1) Category: contrib Module: tcpdump Announced: 2007-08-01 Credits: "mu-b" Affects:...

-----BEGIN PGP SIGNED MESSAGE----- ============================================================================= FreeBSD-SA-00:61 Security Advisory FreeBSD, Inc. Topic: tcpdump contains remote vulnerabilities Category: core Module: tcpdump Announced: 2000-10-31 Credits: Discovered during internal auditing. Affects: All releases of FreeBSD 3.x, 4.x prior to 4.2 FreeBSD 3.5.1-STABLE and 4.1.1-STABLE prior to the cor...

-----BEGIN PGP SIGNED MESSAGE----- ============================================================================= FreeBSD-SA-00:61 Security Advisory FreeBSD, Inc. Topic: tcpdump contains remote vulnerabilities [REISSUED] Category: core Module: tcpdump Announced: 2000-10-31 Reissued: 2000-11-06 Credits: Discovered during internal auditing. Affects: All releases of FreeBSD 3.x, 4.x prior to 4.2 FreeBSD 3.5.1-STABLE and 4.1.1-STABLE...

I want to capture all my Asterisk traffic (including RTP) and then analyse it. My plan was to use tcpdump and then analyse with Wireshark. The following works: tcpdump -i eth0 -s 0 -w /tmp/tcpdump.1 But I want to be a bit more selective: tcpdump -C 100 -W 10 -w /tmp/tcpdump -i eth1 -s 0 udp and dst port >= 5060 This doesn't capture the RTP traffic. Could anyone advise what I'm doing wrong...

On my debian woody (kernel 2.4.31) the tcpdump doesn''t work with imq0 devices. If I try to tcpdump imq devices there is no packet seen: [...] rt1:~# tcpdump -n -i imq0 Warning: arptype 65535 not supported by libpcap - falling back to cooked socket tcpdump: WARNING: imq0: no IPv4 address assigned tcpdump: verbose output suppressed,...

...ewall in between. But the problem is, the VM's cannot communicate over port 123/udp to the NTP VM. Network: 172.24.100.0/22 KVM: 172.24.101.50 VM ntp: 172.24.102.10 VM foo: 172.24.102.20 1. On the NTP server, listen for any incoming packets from VM foo on port 123: [ntp ~]# tcpdump -i any host 172.24.102.20 and port 123 -n 2. Execute the following on server foo. Since server ntp is listening with tcpdump, packets should be visible in tcpdump. [foo ~]# ntpdate 172.24.102.10 This is failing: ntpdate[30443]: no server suitable for synchronization found No packets a...

Dear All I have put tcpdump trace on port 4957 on my CentOS server , as the following : #tcpdump port 4957 I want to obtain the payload data to see what is realy being exchanged between my CentOS server and the outside network element . Can you please let me know how I can modify my command ? Thank you ____...

Hi list! I have a problem where SIP packets sent by Asterisk do not hit the wire, and I don't know what could cause this. I'm running Asterisk 1.8.28_cert5 with full SIP debug. At the same time, I'm doing a tcpdump of the traffic on the network interface. I can see in the SIP debug log that asterisk is sending packets. Most of the time, I can see those packets in the tcpdump, as you would expect. However, sometimes Asterisk sends a packet that *does not show up* in the tcpdump. Asterisk then does several...

...F:FF:FF:FF:FF UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1 RX packets:47 errors:0 dropped:0 overruns:0 frame:0 TX packets:0 errors:0 dropped:0 overruns:0 carrier:0 collisions:0 txqueuelen:0 RX bytes:1860 (1.8 KiB) TX bytes:0 (0.0 b) If I run tcpdump -i xenbr1 on dom0, should I see all traffic on xenbr1 (vif5.1 and vif9.1)? In this case the domU on vif5.1 has IP 192.168.5.8 and vif9.1 has IP 192.168.5.9. If I run tcpdump on xenbr1 and ping .8, I don''t see any packets. If I run tcpdump on xenbr1 and ping .9, I do see the packets. So, I...

Hi! I have a strange problem with shorewall on one of our routers. When i configure a rule like ACCEPT loc:192.x.x.x net tcp 80 this rules will only work if i do a tcpdump -i all port 80 After doing the tcpdump the clientrules works. When i don''t use tcpdump before the connection will be refused. Best regards, Kai. ------------------------------------------------------------------------------ This SF.Net email is sponsored by the Verizon Developer...

...it through our analyzer as further information for you.  If it shows >> DTK isn't sending packets when it should, that will be obvious, and you >> can send to them as solid evidence of their guilt :) > Thank you for your offer. > Could you say me which options I should pass to tcpdump to get all > information you need? Yes, sure, please use (replace with correct interface names): sudo tcpdump -i eth0 -s 0 -w /tmp/test0.pcap & sudo tcpdump -i eth1 -s 0 -w /tmp/test1.pcap & Try to limit the traffic to just your phone call tests (to reduce the size of the cap...

On Sun, 13 Apr 2003, Guy Harris gharris-at-sonic.net |TCPdump Workers| wrote: > It is probably not impossible to add a "pcap_dump_open_append()" > function to libpcap that would do that, and, given that function, one > could probably add a new command-line flag to get tcpdump to append to > a capture file rather than truncating and over...

Dear list, About a week ago, right after 5.4-RELEASE was released, I received a mail from Gentoo Linux's security announcement list about a flaw in tcpdump and gzip. Since none of them are operating system related, I assumed a -p1 and -p2 of the 5.4-RELEASE. Instead, we got a patch for the HTT security issue so I wonder, is the FreeBSD version of tcpdump and/or gzip are secured or simply forgotten/ignored? tcpdump references: http://www.cve.mitre....

Subject: user/3610: repetable tcpdump remote crash Resent-Date: Sat, 20 Dec 2003 08:55:02 -0700 (MST) Resent-From: gnats@cvs.openbsd.org (GNATS Filer) Resent-To: bugs@cvs.openbsd.org Date: Sat, 20 Dec 2003 16:42:25 +0100 (CET) From: venglin@freebsd.lublin.pl Reply-To: venglin@freebsd.lublin.pl To: gnats@openbsd.org >Number:...

Hi, I have a FreeBSD 4.8 box connected to the net which until recently hasn't had any problems. Today DNS lookups mysteriously stopped working (the box has tinydns & dnscache installed to handle dns requests). I noticed some strange things while checking the problem with tcpdump. Tcpdump appears not to show any traffic whatsoever on either my external interface or internal lan interface, this despite the fact I was successfully pinging hosts over both interfaces from a different console while checking the traffic. I do get notified about promiscuous mode being enabled and...