[LinuxUsers] stupid tcpdump question
Roger E. Rustad, Jr
roger.rustad at gmail.com
Tue May 5 22:30:33 UTC 2009
John R. Hogerhuis wrote:
> Both use the same underlying shim (libpcap). I think you just need to
> fiddle with the options.
That's what I thought too, but on second thought, I think it's because I
need to passively sniff the network with a different tool. (I'm
installing the newest Wireshark now)
> Now if I understand, you are directly connected to the device...
> obviously you're not going to be able to snoop on a device on a
> different switch port.
Yup, I'm always going to be on the same collision domain (99% of the
time plugged directly in with a crossover cable).
Thanks for your help, John. I will see if Wireshark is the magic bullet.
More information about the LinuxUsers
mailing list