cMan
asked on
Using WinDump......
I was wondering if I could get some command line examples
of using windump... First, could I get a command line example that writes all output to a file... and second,
could I have a command line example that filters out
everything that's not internet related.
ASKER
Already been there. I think that documentation is for someone a little bit more familiar with this sort of stuff
than I am. In short the docs were little help which is why
I submitted a question here so I could get specific examples of what I want to do..
Neil D
1) To output windump capture to a text file use "windump > capture.txt"
2) To output to a binary file to allow post processing via windump use "windump -w binary_file". This can then be re-read via "windump -r binary_file"
3) Can you define what you mean by "internet related" to allow the filter to be defined?
Cheers - Gavin
ASKER
Could I get an example of how to filter out everything
except timestamps and URLs...or said another way...could I
get windump to output only URLs and timestamps to file.
Thx again!
Neil D
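One way to get only timestamps and URLs is to post-process the binary file written by "windump -w binary_file". This is an added example, not code posted in the thread; it assumes a classic libpcap file captured on Ethernet with a snapshot length large enough to hold the request (for example `-s 0`), handles IPv4 only, and sees only unencrypted HTTP. `http_urls` and `sample_capture` are names made up for the example.

```python
import struct
from datetime import datetime, timedelta, timezone

def http_urls(pcap):
    """Return [(UTC timestamp, URL)] for plain-HTTP requests in a classic pcap file."""
    order = {b"\xd4\xc3\xb2\xa1": "<", b"\xa1\xb2\xc3\xd4": ">"}.get(pcap[:4])
    if order is None or len(pcap) < 24:
        raise ValueError("not a classic libpcap capture")
    if struct.unpack(order + "I", pcap[20:24])[0] != 1:
        raise ValueError("only Ethernet (link type 1) is handled")
    found, off = [], 24
    while off + 16 <= len(pcap):
        sec, usec, caplen, _ = struct.unpack(order + "4I", pcap[off:off + 16])
        frame, off = pcap[off + 16:off + 16 + caplen], off + 16 + caplen
        # Keep only Ethernet II frames carrying IPv4 with protocol 6 (TCP).
        if len(frame) < 34 or frame[12:14] != b"\x08\x00" or frame[23] != 6:
            continue
        tcp = 14 + (frame[14] & 0x0F) * 4           # IPv4 header length varies
        if len(frame) < tcp + 20:
            continue
        payload = frame[tcp + (frame[tcp + 12] >> 4) * 4:]   # skip TCP header + options
        lines = payload.split(b"\r\n\r\n", 1)[0].split(b"\r\n")
        request = lines[0].split(b" ")
        # A request line is "METHOD path HTTP/1.x"; responses and other data fail this.
        if len(request) != 3 or not request[2].startswith(b"HTTP/1."):
            continue
        host = b"?"                                  # used when no Host header is present
        for line in lines[1:]:
            name, _, value = line.partition(b":")
            if name.strip().lower() == b"host":
                host = value.strip()
        when = datetime.fromtimestamp(sec, timezone.utc) + timedelta(microseconds=usec)
        found.append((when.isoformat(), "http://" + (host + request[1]).decode("latin-1")))
    return found

def sample_capture():
    """Constructed capture (not real traffic): one HTTP GET and the server's reply."""
    def frame(payload):
        tcp = struct.pack(">HHIIBBHHH", 1025, 80, 0, 0, 0x50, 0x18, 8192, 0, 0)
        ip = struct.pack(">BBHHHBBH4s4s", 0x45, 0, 40 + len(payload), 0, 0, 64, 6, 0,
                         bytes([192, 0, 2, 10]), bytes([192, 0, 2, 80]))
        return b"\x00" * 12 + b"\x08\x00" + ip + tcp + payload
    get = b"GET /index.html HTTP/1.0\r\nHost: www.example.com\r\n\r\n"
    packets = ((1000000000, 250000, get), (1000000001, 0, b"HTTP/1.0 200 OK\r\n\r\n"))
    out = struct.pack("<IHHiIII", 0xA1B2C3D4, 2, 4, 0, 0, 65535, 1)
    for sec, usec, payload in packets:
        size = 54 + len(payload)                     # 14 Ethernet + 20 IP + 20 TCP
        out += struct.pack("<IIII", sec, usec, size, size) + frame(payload)
    return out
```

On a real capture, call `http_urls(open("binary_file", "rb").read())` and write the returned pairs to a text file.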
ASKER
Thanks Gavin, that will do.
You've helped me enough I think, and besides, after using
the program a little I think I'd rather output ALL the
data to file anyways.
Neil D
Have you seen Ethereal? This is a packet analyser that was originally written for Unix systems (where I first used it) but which has now been ported to the Micro$oft platform. This will give you a GUI version of windump allowing the packets to be broken apart for analysis.
Look at www.ethereal.com
Cheers - Gavin
ASKER
I haven't seen it. Initially I was presented with a solution
using either tcpdump, or ethereal, and I arbitrarily picked
tcpdump because of their respective order, tcpdump was mentioned first so I decided on that one. I didn't know about
it but the GUI version sounds like it would be perfect for
me...no learning curve, ease of use, etc...
Thx again!
Neil D
http://windump.polito.it/docs/default.htm