Want to win a PS4? Go Premium and enter to win our High-Tech Treats giveaway. Enter to Win

x
?
Solved

Using WinDump......

Posted on 2002-04-20
8
Medium Priority
?
1,648 Views
Last Modified: 2008-01-16
I was wondering if I could get some command line examples
of using windump...First, could I get a command line example that writes all output to a file..and second,
could I have a command line example that filters out
everything thats not internet related.
0
Comment
Question by:cMan
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 4
  • 3
8 Comments
 
LVL 41

Expert Comment

by:stevenlewis
ID: 6956289
try going here and getting the docs
http://windump.polito.it/docs/default.htm
0
 

Author Comment

by:cMan
ID: 6956621
Already been there. I think that documentaion is for someone a little bit more familiar with this sort of stuff
than I am. In Short the docs were little help which is why
I submitted a question here so I could get specific examples of what I want to do..

Neil D
0
 
LVL 4

Expert Comment

by:newmang
ID: 6959058
1) To output windump capture to a text file use "windump > capture .txt"
2) To output to a binary file to allow post processing via windump use "windump -w binary_file". This can then be re-read via "windump -r binary_file"
3) Can you define what you mean by "internet related" to allow the filter to be defined?

Cheers - Gavin
0
Nothing ever in the clear!

This technical paper will help you implement VMware’s VM encryption as well as implement Veeam encryption which together will achieve the nothing ever in the clear goal. If a bad guy steals VMs, backups or traffic they get nothing.

 

Author Comment

by:cMan
ID: 6960252
Could I get an example of how to filter out everything
except timestamps and URLs...or said another way...could I
get windump to output only URLs and timestamps to file.

Thx again!
Neil D
0
 
LVL 4

Accepted Solution

by:
newmang earned 1000 total points
ID: 6961503
Not really, windump is derived from tcpdump on Unix, this is a general packet tracing utility which captures the entire packet (although you can specify how much of the packet to store) and as such would not do what you want it to do.

It would not be that difficuly to captire the entire packet to a file as previously discussed and then write a simple program to extract the information you want from that file.

Cheers - Gavin
0
 

Author Comment

by:cMan
ID: 6964091
Thanks Gavin, That will do.
You've helped me enough I think, and besides, after using
the program a little I think i'd rather output ALL the
data to file anyways.


Neil D
0
 
LVL 4

Expert Comment

by:newmang
ID: 6964211
Have you seen Ethereal? This is a packet analyser that was originally written for Unix systems (where I first used it) but which has now been ported to the Micro$oft platform. This will give you a GUI version of windump allowing the packets to be broken apart for analysis.

Look at www.ethereal.com

Cheers - Gavin
0
 

Author Comment

by:cMan
ID: 6964244
I havent seen it. Initially I was presented with a solution
using either tcpdump, or ethereal, and I arbitrarily picked
tcpdump because of their respective order, tcpdump was mentioned first so I decided on that one.I didnt know about
it but the GUI version sounds like it would be perfect for
me...no learning curve, ease of use, etc...

Thx again!
Neil D

0

Featured Post

Windows Server 2016: All you need to know

Learn about Hyper-V features that increase functionality and usability of Microsoft Windows Server 2016. Also, throughout this eBook, you’ll find some basic PowerShell examples that will help you leverage the scripts in your environments!

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

For many of us, the  holiday season kindles the natural urge to give back to our friends, family members and communities. While it's easy for friends to notice the impact of such deeds, understanding the contributions of businesses and enterprises i…
Most of the applications these days are on Cloud. Cloud is ubiquitous with many service providers in the market. Since it has many benefits such as cost reduction, software updates, remote access, disaster recovery and much more.
In this tutorial you'll learn about bandwidth monitoring with flows and packet sniffing with our network monitoring solution PRTG Network Monitor (https://www.paessler.com/prtg). If you're interested in additional methods for monitoring bandwidt…
Monitoring a network: why having a policy is the best policy? Michael Kulchisky, MCSE, MCSA, MCP, VTSP, VSP, CCSP outlines the enormous benefits of having a policy-based approach when monitoring medium and large networks. Software utilized in this v…

610 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question