TCPDUMP

Yohhan

Senior member
May 17, 2002
I want to have tcpdump running in the background all the time, outputting data to file. Will this kill my resources?
 

Garion

Platinum Member
Apr 23, 2001
Not only does it depend on the specs, it depends on how much network traffic you're doing. If you're just piddling along at general HTTP browsing, fine.

If you're cranking away at a P2P app and sharing videos / music across the LAN to your other machine, no. Forget it.

Remember NOT to try to save the file to a NFS/CIFS mount. (Lessee. I capture one packet, then save it across a network share, which generates TWO more packets. Capture and save those two packets on the network mount, which generates FOUR more packets.. Repeat.) Baaaaad news after, oh, say, 10 seconds. (Sounds funny, but I've seen people do it. Kind of like watching an unrestricted snoop to the console over a Telnet command line. Duh).

- G
 

n0cmonkey

Elite Member
Jun 10, 2001
Originally posted by: Garion
Not only does it depend on the specs, it depends on how much network traffic you're doing. If you're just piddling along at general HTTP browsing, fine.

If you're cranking away at a P2P app and sharing videos / music across the LAN to your other machine, no. Forget it.

Remember NOT to try to save the file to a NFS/CIFS mount. (Lessee. I capture one packet, then save it across a network share, which generates TWO more packets. Capture and save those two packets on the network mount, which generates FOUR more packets.. Repeat.) Baaaaad news after, oh, say, 10 seconds. (Sounds funny, but I've seen people do it. Kind of like watching an unrestricted snoop to the console over a Telnet command line. Duh).

- G

bwahahahaha! Sounds like something I would do :p
 

cmetz

Platinum Member
Nov 13, 2001
Yohhan, use tcpdump -s <whatever> -w <filename> for this purpose - do NOT have it running all the time decoding. There have been buffer overflow exploits in tcpdump and ethereal that are basically attacks on people who do tcpdump >foo.log and leave it running.
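
The advice in this thread combined into one shell helper (an added example, not code from any poster): it prints a tcpdump command that writes raw packets with -s/-w instead of decoding them, and refuses an output directory on NFS/CIFS. The interface name, directory, snap length, rotation sizes and the `tcpdump` account given to -Z are assumptions.

```shell
#!/bin/sh
# Added example. All paths, sizes and names below are constructed.

# Return 0 if the filesystem type is a network filesystem, where every
# saved packet would generate more traffic to capture.
is_network_fs() {
    case "$1" in
        nfs|nfs3|nfs4|cifs|smb|smb2|smb3|smbfs|sshfs|fuse.sshfs|9p|afs|ceph|glusterfs)
            return 0 ;;
        *)
            return 1 ;;
    esac
}

# Print the filesystem type backing a directory.
# Assumes a df that supports -T (GNU coreutils or busybox).
fs_type_of() {
    df -PT "$1" 2>/dev/null | awk 'NR==2 {print $2}'
}

# build_capture_cmd IFACE DIR SNAPLEN [FSTYPE]
# Prints the command to run; FSTYPE overrides detection (useful for testing).
build_capture_cmd() {
    iface=$1 dir=$2 snaplen=$3
    fstype=${4:-$(fs_type_of "$dir")}
    if [ -z "$fstype" ]; then
        echo "cannot determine filesystem type of $dir" >&2
        return 2    # fail closed: unknown storage is not trusted
    fi
    if is_network_fs "$fstype"; then
        echo "refusing: $dir is on $fstype (capture feedback loop)" >&2
        return 1
    fi
    # -s SNAPLEN   keep only the first bytes of each packet
    # -w FILE      write raw pcap; no protocol decoding happens at capture time
    # -C 100 -W 10 ring of ten files of about 100 MB, so the disk cannot fill
    # -Z tcpdump   drop root after opening the interface (account name assumed;
    #              the directory must be writable by it)
    echo "tcpdump -i $iface -s $snaplen -w $dir/capture.pcap -C 100 -W 10 -Z tcpdump"
}

# Constructed invocation: local ext4 directory, 96-byte snap length.
build_capture_cmd eth0 /var/tmp/pcap 96 ext4
```

Read the saved files later with `tcpdump -r` on a separate analysis machine, so any decoder bug is triggered away from the host doing the capture.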