[clug-talk] Ethereal

Michael Gale michael.gale at bluesuperman.com
Sun Mar 27 19:32:17 PST 2005


If does but then you require X to be running or at least installed on 
the box you are running ethereal on.

Which I find usually is not the case, if you want to capture local 
packets you can start up Ethereal, click on start capture and at in / 
create some filters and then start capturing.

But again ... only works if X is running or installed on the machine. I 
say installed because you could use XForwarding and run Ethereal on a 
remote host.

Any ways a lot firewall boxs and routers do not have X.


Juan Alberto Cirez wrote:
> Michael,
> Correct me if I'm wrong, but doen't ethereal do both functions...At least it
> does on my box....
> Michael Gale wrote:
>>        Well for example if you wanted to monitor the traffic on a Linux box
>>(router maybe) I would use tcpdump and then use ethereal to view the
>>tcpdump -n -i eth0 -w /tmp/testfile -s 9999 port 110 and host X.X.X.X
>>-n - do not try and resolve the domain name
>>-i - interface
>>-w - write data to file
>>-s - snap length (length of packet to capture)
>>Jesse Kline wrote:
>>>Quick question,
>>> How can I use ethereal, or a similar tool to capture pop and smtp
>>>traffic going into and out of a specific domain on the internet?
>>>clug-talk mailing list
>>>clug-talk at clug.ca
>>>Mailing List Guidelines (http://clug.ca/ml_guidelines.php)
>>>**Please remove these lines when replying
>>clug-talk mailing list
>>clug-talk at clug.ca
>>Mailing List Guidelines (http://clug.ca/ml_guidelines.php)
>>**Please remove these lines when replying
> --
> =*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=
> --oo0oo-- Juan Alberto Cirez - Software Developer --oo0oo--
>        ===========   acirez at canada.com   =============
>        C, C++, Java, Perl & .NET  Enterprise Solutions
>             Supporting Windows & Linux Environments
> =*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=
>           Sunny and Beautiful Vancouver, Canada.
> =*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=
> _______________________________________________
> clug-talk mailing list
> clug-talk at clug.ca
> http://clug.ca/mailman/listinfo/clug-talk_clug.ca
> Mailing List Guidelines (http://clug.ca/ml_guidelines.php)
> **Please remove these lines when replying

More information about the clug-talk mailing list