I would like a simple example - maybe showing top destination hosts for packets, or top protocols within the dump file.
2006-08-22 16:16:26 · 1 answers · asked by HomeSweetSiliconValley 4 in Computers & Internet ➔ Computer Networking
You do not mention the OS but on many UNIX(s), the shell can make some good scripts. The best would be a PERL script doing what you need.
I searched Google for [tcpdump"report program"] and [tcpdump"perl script"] to get interesting hits. There might be a PERL script with little modification to get the job done (remove the brackets and use quotes to keep words together).
Here is a good quote:
I find myself using the tcpdump network packet analyzer more and more as time goes on. If there is a communication breakdown between a server and a client machine, I break out the packet sniffer and find out exactly what is happening on the wire, so I can hone in on exactly which machine needs my help. For instance, is the problem on the server, or the client? I can know for sure by the network map.
I could easily include Ethereal in this category as well. Many times I will run tcpdump -w to capture the output to a file and then import the resulting file into Ethereal on my local machine to get a graphical view.
GNU Bash and Perl
I was taught that good system administrators are lazy, and I would have to work a lot harder to do my job without the ability to use quick and simple bash scripting. Many tasks are simple enough that a short bash script will suffice.
For anything more than a few lines I pull out Perl. The beauty of Perl is that it is simple to write simple scripts, but it has such a depth of modules and supporting components that it can do amazingly complex projects as well.
From:
http://software.newsforge.com/article.pl?sid=06/05/01/1630200&tid=91
Levi Patrick II
www.TheITDoctor.com
2006-08-22 16:50:53 · answer #1 · answered by Levi Patrick 2 · 0⤊ 0⤋