rgrish's profile - activity

2019-12-17 10:07:14 +0000 commented question tcpdump capture gets flooded when trying to redirect the output to remote host

Hi Chuck, Any more findings with captured pcaps? Waiting for your suggestions. Regards

2019-12-16 06:04:15 +0000 commented question tcpdump capture gets flooded when trying to redirect the output to remote host

The interface is secured and encapsulated by IPsec. I do think that the issue looks to be because I am trying to send ov

2019-12-16 06:01:34 +0000 commented question tcpdump capture gets flooded when trying to redirect the output to remote host

Yes it is in the same device.

2019-12-16 04:37:48 +0000 commented question tcpdump capture gets flooded when trying to redirect the output to remote host

Here you go- https://drive.google.com/drive/folders/15F-1q94jNZ12FjozZgpg-y-g4l6osQcY?usp=sharing Let me know if you a

2019-12-15 16:40:44 +0000 received badge  Commentator
2019-12-15 16:40:44 +0000 commented question tcpdump capture gets flooded when trying to redirect the output to remote host

Hi Chuck, Can you let me know which one you mean by file sharing site? I have those pcaps ready for your perusal. KR

2019-12-13 09:06:17 +0000 commented question tcpdump capture gets flooded when trying to redirect the output to remote host

Hi Chuck, With promiscuous mode I see there is little advantage but still flooding is not stopped. I am not sure why thi

2019-12-13 00:54:48 +0000 commented answer tcpdump capture gets flooded when trying to redirect the output to remote host

But why this happens with raw capture only i.e when I am using -w option. Without -w option capture is fine but it is in

2019-12-13 00:53:35 +0000 commented question tcpdump capture gets flooded when trying to redirect the output to remote host

Chuck I need those ESP packets. I have not tried with -p option which I guess is for avoiding promiscuous mode. tcpdump

2019-12-12 16:30:17 +0000 commented question tcpdump capture gets flooded when trying to redirect the output to remote host

Chuck, the packets are basically encapsulated and most of them are UDP ~67%. SSH packets are over TCP and comprise ack s

2019-12-12 15:52:46 +0000 asked a question tcpdump capture gets flooded when trying to redirect the output to remote host

tcpdump capture gets flooded when trying to redirect the output to remote host Hi Team, I am trying to redirect and col

2019-12-12 15:15:44 +0000 commented answer Redirection not working with tcpdump

Chuck, I got some improvement with tcpdump -lnni eth1 -w - | ssh [email protected] "cat >> 3.pcap". But still the ca

2019-12-12 14:11:24 +0000 commented answer Redirection not working with tcpdump

Yes, double verified with capture and found it to be working. So we can think of refinement.

2019-12-12 13:20:26 +0000 commented answer Redirection not working with tcpdump

Yes, binary capture of WS in the localhost works fine. And redirection is intended just to capture the packets for longe

2019-12-12 13:19:14 +0000 commented answer Redirection not working with tcpdump

Yes, binary capture of WS in the localhost works fine. And redirection is intended just to capture the packets for longe

2019-12-12 07:39:22 +0000 commented answer Redirection not working with tcpdump

Also to mention is that when I am not using -w option in the above ssh pipe I do not see flooding of redirected packets.

2019-12-12 06:45:43 +0000 marked best answer Redirection not working with tcpdump

Hi Team,

I am trying to redirect the tcpdump capture on an interface to a remote server using an ssh pipe as below:

tcpdump -i any ! host 172.xx.xx.116 -s 0 | ssh [email protected] "cat > dump.pcap"

I do not have any issue with redirection but when I open it on a Windows PC I see the format is not understood by Wireshark.

As far as I know, Wireshark expects a binary file but I am saving it as a text file, so I am not sure if I need some converter to work this out. Due to limited space in our hardware units we often need to redirect the tcpdump capture. Also I am not sure if the file gets corrupted with WinSCP.

Please help me here.

Thanks Rish

2019-12-12 06:45:43 +0000 received badge Scholar
2019-12-12 05:48:23 +0000 commented answer Redirection not working with tcpdump

Thanks for the reply. I have tried this option but I am not sure why within seconds the redirected output nearing to 1 G

2019-12-11 22:05:15 +0000 asked a question Redirection not working with tcpdump

Redirection not working with tcpdump Hi Team, I am trying to redirect the tcpdump capture on an interface to a remote s