From owner-freebsd-questions Wed Jan 17 01:20:46 1996 Return-Path: owner-questions Received: (from root@localhost) by freefall.freebsd.org (8.7.3/8.7.3) id BAA28266 for questions-outgoing; Wed, 17 Jan 1996 01:20:46 -0800 (PST) Received: from megasoft.tic.ab.ca (root@megasoft.tic.ab.ca [198.161.220.180]) by freefall.freebsd.org (8.7.3/8.7.3) with SMTP id BAA28261 for ; Wed, 17 Jan 1996 01:20:41 -0800 (PST) Received: (from philw@localhost) by megasoft.tic.ab.ca (8.6.12/8.6.9) id CAA14556; Wed, 17 Jan 1996 02:19:03 -0700 Date: Wed, 17 Jan 1996 02:19:03 -0700 (MST) From: Phillip White To: Michael Smith cc: freebsd-questions@freebsd.org Subject: Re: ethernet packet sniffer. In-Reply-To: <199601170303.NAA01184@genesis.atrad.adelaide.edu.au> Message-ID: MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII Sender: owner-questions@freebsd.org Precedence: bulk On Wed, 17 Jan 1996, Michael Smith wrote: > Phillip White stands accused of saying: > > > > I'm an admin on a FreeBSD machine. I have seen alot of ethernet sniffers > > for SunOS, Linux, etc, but none ported to FreeBSD. Has anyone come > > across one or even have one they can give me? The TCPdump is not exactly > > what I'm looking for but rather the same funtionality that is in > > Solaris's "snoop" command. > > Can you be more specific about what it is that tcpdump doesn't do? > Sure.. From the way I see it function, it only shows packets not what is in the packets. Like if someone is on your machine entering information at any prompt ie. telnet, ftp, bash, etc you actually see what they are typing, typically in a line going down the screen because it is streaming. Tcpdump just shows the whole packet and what type the packet is, ie. netbeui, tcp etc.. and where it is going or coming from etc.. Phil..