[3199] in bugtraq
Re: Live playback of tcpdump data
daemon@ATHENA.MIT.EDU (pc)
Sun Aug 18 16:22:52 1996
Date: Sun, 18 Aug 1996 09:57:12 -0700
Reply-To: Bugtraq List <BUGTRAQ@NETSPACE.ORG>
From: pc <pc@phreak.org>
To: Multiple recipients of list BUGTRAQ <BUGTRAQ@NETSPACE.ORG>
In-Reply-To: <m0urv5i-000V9xC@on-ramp.ior.com> from "Ficus Kirkpatrick" at Aug
17, 96 04:47:42 pm
>
> Does anyone know of any freely available "live playback" of tcpdump
> data utilities (a la the playback sessions on takedown.com)?
there is a backend for tcpdump called tcpshow.c that does a pretty decent
job of decoding the headers and contents of packets. It will run realtime
or playback from raw tcpdumps. There is also a nice GUI version of tcpdump
called tcpview, but it doesn't seem to want to gather and decode/display the
data at the same time, tho i imagine it could be persuaded if you were
determined enough. Tcpview should be easy to find with archie or something,
but i haven't seen tcpshow.c available anywhere yet, so if you cant find
it and want it, send me a note and i can mail you a copy.
pc
--
-----BEGIN PGP PUBLIC KEY BLOCK-----
Version: 2.6.2
mQCNAzDDp9IAAAEEAMXKn8X1OkYmNaffOOvnzryI5qyO6ZiF/shd7glmy6EZ4mA5
JQh3C5goZxhampT4kPwyulxTC2uUXdNqrs/BXgTa54Q59qFIrtuOiS9vNz2sxBMa
qDhOgzT+JDYBoZgLlMtW1XKOExJtsPcPztniyVU8HW8y1qj1RRi8cqk9ykShAAUR
tCFQYXRyaWNrIEouIENvbm5vciA8cGNAcGhyZWFrLm9yZz4=
=vong
-----END PGP PUBLIC KEY BLOCK-----
