• We’re currently investigating an issue related to the forum theme and styling that is impacting page layout and visual formatting. The problem has been identified, and we are actively working on a resolution. There is no impact to user data or functionality, this is strictly a front-end display issue. We’ll post an update once the fix has been deployed. Thanks for your patience while we get this sorted.

TCPDUMP

Y

Yohhan

Senior member
I want to have tcpdump running in the background all the time, outputting data to file. Will this kill my resources?
 
Not only does it depend on the specs, it depends on how much network traffic you're doing. If you're just piddling along at general HTTP browsing, fine.

If you're cranking away at a P2P app and sharing videos / music across the LAN to your other machine, no. Forget it.

Remember NOT to try to save the file to a NFS/CIFS mount. (Lessee. I capture one packet, then save it across a network share, which generates TWO more packets. Capture and save those two packets on the network mount, which generates FOUR more packets.. Repeat.) Baaaaad news after, oh, say, 10 seconds. (Sounds funny, but I've seen people do it. Kind of like watching an unrestricted snoop to the console over a Telnet command line. Duh).

- G
 
Originally posted by: Garion
Not only does it depend on the specs, it depends on how much network traffic you're doing. If you're just piddling along at general HTTP browsing, fine.

If you're cranking away at a P2P app and sharing videos / music across the LAN to your other machine, no. Forget it.

Remember NOT to try to save the file to a NFS/CIFS mount. (Lessee. I capture one packet, then save it across a network share, which generates TWO more packets. Capture and save those two packets on the network mount, which generates FOUR more packets.. Repeat.) Baaaaad news after, oh, say, 10 seconds. (Sounds funny, but I've seen people do it. Kind of like watching an unrestricted snoop to the console over a Telnet command line. Duh).

- G
Click to expand...

bwahahahaha! Sounds like something I would do 😛
 
Yohhan, use tcpdump -s <whatever> -w <filename> for this purpose - do NOT have it running all the time decoding. There have been buffer overflow exploits in tcpdump and ethereal that are basically attacks on people who do tcpdump >foo.log and leave it running.
 
You must log in or register to reply here.

TRENDING THREADS

Back
Top