Date: Fri, 13 Apr 2001 16:02:57 +0200 (CEST)
From: Christoph Kukulies <kuku@gilberto.physik.rwth-aachen.de>
To: freebsd-security@freebsd.org
Subject: tcpdump (tutorial?)
Message-ID: <200104131402.f3DE2vx32654@gilberto.physik.rwth-aachen.de>

I don't know how others experience this: Whenever it comes to some suspicion of net intruders or so, I find myself reading tcpdump's man page and scratching my head about the syntax. Once I have learned to form a little script that filters this and that, it's laid away or lost when the storm is over. Next time, same procedure.

Uh, oh, what was this tcpdump syntax again to watch that host for incoming and outgoing packets that do not come from our local network and are not http port?

Is there a tutorial? Has someone written down some typical 'security' examples?

--
Chris Christoph P. U. Kukulies kuku@gil.physik.rwth-aachen.de

To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-security" in the body of the message
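
The filter the message asks about, written out as an added example that is not part of the original e-mail. It assumes "do not come from our local network" means traffic between the watched host and non-local peers; the function names, interface name and addresses are constructed for illustration.

```shell
#!/bin/sh
# Added example: builds a pcap filter for "traffic to/from one host with
# non-local peers, excluding one TCP port". All addresses are constructed
# documentation values (RFC 5737), not taken from the original message.

# build_filter HOST LOCALNET PORT
# Prints the filter expression. Excluding only packets where BOTH ends are
# local ("src net L and dst net L") keeps the host's own outgoing packets;
# a plain "not src net L" would drop them, because the watched host's
# source address is itself inside the local network.
build_filter() {
    host=$1
    localnet=$2
    port=$3
    case $port in
        ''|*[!0-9]*) echo "port must be numeric" >&2; return 1 ;;
    esac
    printf 'host %s and not (src net %s and dst net %s) and not tcp port %s\n' \
        "$host" "$localnet" "$localnet" "$port"
}

# watch_host IFACE HOST LOCALNET PORT
# Runs tcpdump (needs root). -n disables name resolution, so the capture
# itself generates no DNS traffic and shows raw addresses.
watch_host() {
    filter=$(build_filter "$2" "$3" "$4") || return 1
    # The whole expression is passed as one quoted argument so the shell
    # does not interpret the parentheses.
    tcpdump -n -i "$1" "$filter"
}

# Usage (constructed values):
#   watch_host em0 192.0.2.10 192.0.2.0/24 80
```

Keeping the two functions in a file that is sourced from the shell profile avoids having to rebuild the expression from the man page each time.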