Solved

Using WinDump......

Posted on 2002-04-20
8
1,598 Views
Last Modified: 2008-01-16
I was wondering if I could get some command line examples
of using windump...First, could I get a command line example that writes all output to a file..and second,
could I have a command line example that filters out
everything thats not internet related.
0
Comment
Question by:cMan
  • 4
  • 3
8 Comments
 
LVL 41

Expert Comment

by:stevenlewis
ID: 6956289
try going here and getting the docs
http://windump.polito.it/docs/default.htm
0
 

Author Comment

by:cMan
ID: 6956621
Already been there. I think that documentaion is for someone a little bit more familiar with this sort of stuff
than I am. In Short the docs were little help which is why
I submitted a question here so I could get specific examples of what I want to do..

Neil D
0
 
LVL 4

Expert Comment

by:newmang
ID: 6959058
1) To output windump capture to a text file use "windump > capture .txt"
2) To output to a binary file to allow post processing via windump use "windump -w binary_file". This can then be re-read via "windump -r binary_file"
3) Can you define what you mean by "internet related" to allow the filter to be defined?

Cheers - Gavin
0
Netscaler Common Configuration How To guides

If you use NetScaler you will want to see these guides. The NetScaler How To Guides show administrators how to get NetScaler up and configured by providing instructions for common scenarios and some not so common ones.

 

Author Comment

by:cMan
ID: 6960252
Could I get an example of how to filter out everything
except timestamps and URLs...or said another way...could I
get windump to output only URLs and timestamps to file.

Thx again!
Neil D
0
 
LVL 4

Accepted Solution

by:
newmang earned 250 total points
ID: 6961503
Not really, windump is derived from tcpdump on Unix, this is a general packet tracing utility which captures the entire packet (although you can specify how much of the packet to store) and as such would not do what you want it to do.

It would not be that difficuly to captire the entire packet to a file as previously discussed and then write a simple program to extract the information you want from that file.

Cheers - Gavin
0
 

Author Comment

by:cMan
ID: 6964091
Thanks Gavin, That will do.
You've helped me enough I think, and besides, after using
the program a little I think i'd rather output ALL the
data to file anyways.


Neil D
0
 
LVL 4

Expert Comment

by:newmang
ID: 6964211
Have you seen Ethereal? This is a packet analyser that was originally written for Unix systems (where I first used it) but which has now been ported to the Micro$oft platform. This will give you a GUI version of windump allowing the packets to be broken apart for analysis.

Look at www.ethereal.com

Cheers - Gavin
0
 

Author Comment

by:cMan
ID: 6964244
I havent seen it. Initially I was presented with a solution
using either tcpdump, or ethereal, and I arbitrarily picked
tcpdump because of their respective order, tcpdump was mentioned first so I decided on that one.I didnt know about
it but the GUI version sounds like it would be perfect for
me...no learning curve, ease of use, etc...

Thx again!
Neil D

0

Featured Post

Netscaler Common Configuration How To guides

If you use NetScaler you will want to see these guides. The NetScaler How To Guides show administrators how to get NetScaler up and configured by providing instructions for common scenarios and some not so common ones.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Even if you have implemented a Mobile Device Management solution company wide, it is a good idea to make sure you are taking into account all of the major risks to your electronic protected health information (ePHI).
When it comes to security, there are always trade-offs between security and convenience/ease of administration. This article examines some of the main pros and cons of using key authentication vs password authentication for hosting an SFTP server.
Here's a very brief overview of the methods PRTG Network Monitor (https://www.paessler.com/prtg) offers for monitoring bandwidth, to help you decide which methods you´d like to investigate in more detail.  The methods are covered in more detail in o…
This video gives you a great overview about bandwidth monitoring with SNMP and WMI with our network monitoring solution PRTG Network Monitor (https://www.paessler.com/prtg). If you're looking for how to monitor bandwidth using netflow or packet s…

815 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

8 Experts available now in Live!

Get 1:1 Help Now