[Centos] Where is ethereal?
Matt Shields
mattboston at gmail.com
Sun Jan 9 00:45:53 UTC 2005
ethereal/tethereal will do that for you. Here's part of a sample
command line that I used to capture while I was browsing Google(I cut
out some lines). If you look at the 2nd line you'll see where I
submitted the query to Google for centos. In the past(and this is
going back quite a few years, I've used ethereal to help users get
their mail passwords back, because email username/passwords are
unencrypted.
[root at matt-test root]# tethereal | grep -vi SSH | grep -vi vrrp |
grep -vi stp | grep -v 5901
Capturing on eth0
0.017168 10.0.3.225 -> 10.0.3.255 NBNS Name query NB KAMENSDEV<00>
0.699144 10.0.2.168 -> 64.233.167.104 HTTP GET
/search?hl=en&q=centos&btnG=Google+Search HTTP/1.1
0.739789 64.233.167.104 -> 10.0.2.168 TCP http > 38760 [ACK] Seq=0
Ack=602 Win=29400 Len=0
0.761950 64.233.167.104 -> 10.0.2.168 HTTP HTTP/1.1 200
OK[Unreassembled Packet]
0.762214 10.0.2.168 -> 64.233.167.104 TCP 38760 > http [ACK]
Seq=602 Ack=1430 Win=22880 Len=0
0.764795 64.233.167.104 -> 10.0.2.168 HTTP Continuation
0.764988 10.0.2.168 -> 64.233.167.104 TCP 38760 > http [ACK]
Seq=602 Ack=1689 Win=22880 Len=0
0.801813 Intel_b1:cc:20 -> Broadcast ARP Who has 10.0.3.225?
Tell 10.0.2.148
0.885105 64.233.167.104 -> 10.0.2.168 HTTP Continuation
0.885313 10.0.2.168 -> 64.233.167.104 TCP 38760 > http [ACK]
Seq=602 Ack=3119 Win=25740 Len=0
0.893630 64.233.167.104 -> 10.0.2.168 HTTP Continuation
0.893905 10.0.2.168 -> 64.233.167.104 TCP 38760 > http [ACK]
Seq=602 Ack=4156 Win=28600 Len=0
47 packets dropped
743 packets captured
--
Matt Shields
http://masnetworks.biz
http://www.centos.org
http://www.caosity.org
On Sat, 8 Jan 2005 17:07:22 -0400, Joe Polk <listuser at javelinux.com> wrote:
> Then can someone refresh my memory? I recall a network packet sniffer-type app
> that ran in console and had an ansi-like look to it (much like Midnight
> COmmander looks etc.). I cannot remember it and thought it was ethereal.
> Evidently not.
>
> --
> <<JAV>>
>
> ---------- Original Message -----------
> From: Johnny Hughes <mailing-lists at hughesjr.com>
> To: CentOS Users <centos at caosity.org>
> Sent: Sat, 08 Jan 2005 14:52:57 -0600
> Subject: Re: [Centos] Where is ethereal?
>
> > Just for the record, from "man ethereal"
> >
> > Ethereal is a "GUI network protocol analyzer". It lets you
> > interactively browse packet data from a live network or from a
> > previously saved capture file.
> >
> > And from "man tethereal"
> >
> > Tethereal is a "network protocol analyzer". It lets you capture packet
> > data from a live network, or read packets from a previously saved
> > capture file, either printing a decoded form of those packets to the
> > standard output or writing the packets to a file.
> >
> > _______________________________________________
> > CentOS mailing list
> > CentOS at caosity.org
> > http://lists.caosity.org/mailman/listinfo/centos
> ------- End of Original Message -------
>
> _______________________________________________
> CentOS mailing list
> CentOS at caosity.org
> http://lists.caosity.org/mailman/listinfo/centos
>
More information about the CentOS
mailing list