Re: Traffic monitoring

> The 'tcpdump' command only displays the address headers of an IP packet. Is there a way to get the data field also?

tcpdump will work with the command: tcpdump -w <filename>

then you could use ethereal or some other program to parse the data.

I particularly like ngrep because it decodes on the fly and it can be
saved into a standard text file.  (http://ngrep.sourceforge.net)

ngrep -qte '*' host <yourhost> and  port 21 > user.gotcha

Experiment with using ngrep first.  The homepage has a few examples and we
can help on this list as well.



-- 
duane


--

GnuPG Public Key:  http://sukkha.homeip.net/pgp.html

--

-----BEGIN GEEK CODE BLOCK-----
Version: 3.1
$GSS/OS d s+:+ a- C+++ UL++++ P+ L+++ E- W++ N* o+ K- w O- M- V- PS+
PE--Y+ PGP++ t 5 R- !tv b+++ DI-- D G e+++ h+ r-- y+ z--
-----END GEEK CODE BLOCK-----

http://www.geekcode.com/geek.html
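
As an added example (not part of the original post), this sketch covers the step of parsing a file saved with `tcpdump -w`: it walks the records and returns the TCP data field of each packet, flagging records where the saved length is shorter than the packet's length on the wire, which means the capture's snapshot length cut off part of the data. It assumes the classic pcap format with Ethernet framing and IPv4; the function names and the sample capture are constructed for illustration.

```python
import struct

def build_sample_pcap():
    """Constructed sample: one Ethernet/IPv4/TCP packet, saved truncated and then in full."""
    payload = b"NOOP\r\n"
    eth = bytes(12) + b"\x08\x00"                       # zeroed MACs, EtherType IPv4
    ip = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 40 + len(payload), 0, 0, 64, 6, 0,
                     bytes([192, 0, 2, 1]), bytes([192, 0, 2, 2]))
    tcp = struct.pack("!HHIIBBHHH", 40000, 21, 0, 0, 0x50, 0x18, 1024, 0, 0)
    frame = eth + ip + tcp + payload
    out = struct.pack("<IHHiIII", 0xA1B2C3D4, 2, 4, 0, 0, 65535, 1)  # link type 1 = Ethernet
    for caplen in (len(frame) - 4, len(frame)):         # first record loses 4 payload bytes
        out += struct.pack("<IIII", 0, 0, caplen, len(frame)) + frame[:caplen]
    return out

def tcp_payloads(pcap):
    """Return (captured_payload, truncated) for each IPv4/TCP packet in a classic pcap."""
    if pcap[:4] == b"\xd4\xc3\xb2\xa1":
        end = "<"                                       # written on a little-endian host
    elif pcap[:4] == b"\xa1\xb2\xc3\xd4":
        end = ">"                                       # written on a big-endian host
    else:
        raise ValueError("not a classic (microsecond) pcap file")
    if struct.unpack(end + "I", pcap[20:24])[0] != 1:
        raise ValueError("only Ethernet captures are handled here")
    results, off = [], 24                               # records follow the 24-byte header
    while off + 16 <= len(pcap):
        _sec, _usec, caplen, origlen = struct.unpack(end + "IIII", pcap[off:off + 16])
        frame = pcap[off + 16:off + 16 + caplen]
        off += 16 + caplen
        if len(frame) < 34 or frame[12:14] != b"\x08\x00":
            continue                                    # not IPv4, or IP header cut off
        if frame[14] >> 4 != 4 or frame[23] != 6:
            continue                                    # not IP version 4 carrying TCP
        tcp_off = 14 + (frame[14] & 0x0F) * 4           # skip the variable-length IP header
        if len(frame) < tcp_off + 20:
            continue                                    # TCP header itself was cut off
        data_off = (frame[tcp_off + 12] >> 4) * 4       # TCP header length in bytes
        results.append((frame[tcp_off + data_off:], caplen < origlen))
    return results

if __name__ == "__main__":
    for data, truncated in tcp_payloads(build_sample_pcap()):
        print(repr(data), "(truncated by snapshot length)" if truncated else "")
```

If records come back flagged as truncated, raising the snapshot length with tcpdump's `-s` option at capture time keeps more of each packet.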
