[LinuxUsers] finding traffic
John R. Hogerhuis
jhoger at pobox.com
Tue Mar 10 23:16:14 UTC 2009
On Tue, Mar 10, 2009 at 3:55 PM, Dante Lanznaster <dantecl at gmail.com> wrote:
> Use wireshark on a laptop to sniff what's going on.
>
I'd second that, especially for quick looks at small traces. But if it
is going to be a long trace, and there's no X server on the box, leave
tcpdump running, capturing to a series of files.

We do this in our lab as a "time machine" kind of thing. It's always
recording. If something funny happens during network communication
from one of our scripts we can pick up the most recent trace, and see
what happened.

You can use tcpdump to filter the trace for what you want. Then just
load what you are interested in into Wireshark.

Nothing beats a proper network trace for understanding what is
actually happening on the network.
-- John.
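
The always-on capture described in the message above, sketched as an added example that is not part of the original post or the poster's lab setup. The directory, interface name, ring size and the sample filter address are assumed values.

```shell
#!/bin/sh
# Added example: rolling "time machine" capture with tcpdump.
# TRACE_DIR, IFACE and the ring dimensions are assumptions; adjust to the box.
TRACE_DIR="${TRACE_DIR:-/var/tmp/trace}"
IFACE="${IFACE:-eth0}"

# Start the recorder: a ring of 20 files of roughly 100 MB each.
# -C rotates by size (units of 1,000,000 bytes). With -C, -W makes a ring:
# once 20 files exist the oldest is overwritten, so disk use stays bounded.
# (-G with -W is different: tcpdump exits after writing that many files.)
# -s 0 keeps whole packets, -n skips DNS lookups while capturing.
# tcpdump may drop root before opening the files, so TRACE_DIR has to be
# writable by the account it runs as.
start_recorder() {
    mkdir -p "$TRACE_DIR" || return 1
    tcpdump -i "$IFACE" -n -s 0 -C 100 -W 20 -w "$TRACE_DIR/ring.pcap"
}

# Print the most recently written ring file in directory $1.
# After the ring wraps, the highest-numbered file is no longer the newest,
# so compare modification times instead of sorting by name.
latest_trace() {
    newest=""
    for f in "$1"/ring.pcap*; do
        [ -f "$f" ] || continue
        if [ -z "$newest" ] || [ "$f" -nt "$newest" ]; then
            newest="$f"
        fi
    done
    [ -n "$newest" ] && printf '%s\n' "$newest"
}

# Cut the traffic of interest out of a trace into a small file for Wireshark.
# $1 = input trace, $2 = output file, remaining args = pcap filter expression.
extract() {
    in="$1"; out="$2"; shift 2
    tcpdump -n -r "$in" -w "$out" "$@"
}

# Typical use after something odd happens (192.0.2.10 is a constructed address):
#   extract "$(latest_trace "$TRACE_DIR")" /tmp/odd.pcap host 192.0.2.10 and port 80
```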