
tcpdump in ssh

Red Squirrel

No Lifer
Is there a way to tell tcpdump to NOT register ssh traffic? It's hard to try and read the output when 99% of it is my actual ssh session. I can write to file then download and open in ethereal but it's so much easier to just do it live.
 
Look at the filtering options in tcpdump, you can filter on pretty much any aspect of traffic that you can think of.
 
Yep, it's easier to build filters to only catch the traffic you're interested in.

Generally, yes. But sometimes you're not sure what you're looking for so it's simpler to specify what you're not looking for and that's just as easy with pcap filters in tcpdump or wireshark.
 
Found out that you can add ethereal style filters at the end, so got it working.

And yeah, I'd rather filter out what I don't want than filter in only what I want, as I might miss other stuff.

I've also found that disabling lookups helps a lot to decrease network traffic / logging.

 
Originally posted by: RedSquirrel
Found out that you can add ethereal style filters at the end, so got it working.

And yeah, I'd rather filter out what I don't want than filter in only what I want, as I might miss other stuff.

I've also found that disabling lookups helps a lot to decrease network traffic / logging.

Yeah, I guess I'm used to looking at packets for specific protocols to debug application issues where it makes sense to filter only what I'm looking for.
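Added example, not part of the original thread: one way to apply the "filter out what you don't want" approach discussed above is to exclude only the SSH session you are typing in, so other SSH traffic on the host still shows up. The function names are hypothetical, and the fallback assumes sshd listens on the default port 22.

```shell
#!/bin/sh
# sshd exports SSH_CONNECTION as:
#   "<client ip> <client port> <server ip> <server port>"
# Build a pcap filter that drops exactly that TCP connection.
ssh_exclude_filter() {
    # Optional argument overrides the environment (useful for testing).
    conn="${1:-${SSH_CONNECTION:-}}"
    if [ -z "$conn" ]; then
        # No session info available (variable unset, e.g. after the
        # environment was reset): exclude all SSH on the assumed port 22.
        printf '%s\n' 'not tcp port 22'
        return 0
    fi
    # Split on whitespace into the four expected fields.
    set -- $conn
    if [ "$#" -ne 4 ]; then
        echo "unexpected SSH_CONNECTION format: $conn" >&2
        return 1
    fi
    printf 'not (tcp and host %s and port %s and host %s and port %s)\n' \
        "$1" "$2" "$3" "$4"
}

# Live capture without your own session in the output.
# -n disables name lookups, so tcpdump generates no DNS traffic of its own.
# The interface defaults to "any" (Linux); pass another name as $1.
capture_without_my_ssh() {
    filter=$(ssh_exclude_filter) || return 1
    tcpdump -n -i "${1:-any}" "$filter"
}
```

Run `capture_without_my_ssh eth0` from the SSH session; the filter expression goes at the end of the tcpdump command line, as noted in the thread.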
 