From: Scott Morris (swm@emanon.com)
Date: Mon Dec 29 2003 - 10:40:31 GMT-3
Are you using a capture filter? That's likely you're difficulty there.
Take the filter out and you'll capture everything. Or change your
filter for being simply source/destination IP address and then narrow it
down from there.
Otherwise, everything should be captured just fine, but you would limit
it based on your filtering logic. I'm not aware of a way to set the
filter for a dynamic custom application, because, as is implied, it's
custom....
Scott Morris, CCIE4 (R&S/ISP-Dial/Security/Service Provider) #4713,
CISSP, JNCIS, et al.
IPExpert CCIE Program Manager
IPExpert Sr. Technical Instructor
swm@emanon.com/smorris@ipexpert.net
http://www.ipexpert.net
-----Original Message-----
From: nobody@groupstudy.com [mailto:nobody@groupstudy.com] On Behalf Of
Raminder Sarna
Sent: Monday, December 29, 2003 2:53 AM
To: ccielab@groupstudy.com
Subject: Ethereal for sniffing dynamic ports (1024-65535)
hi group,
ive got an unusal problem here because of which
im supposed to sniff packets for a source and
destination layer 4 port both of which are dynamic, i
know the application which runs at the client site
uses that (6200 port number) as it is programmed to do
so and it is working, but still using ethereal im only
able to get as far as having a fixed known port on
either destination or source traffic the other being
dynamic, can i somehow sniff packets which have both
source and destination ports dynamic and not fixed
like arp, vines etc....
anyother analyser maybe....
thanks for any advice
raminder.
__________________________________
Do you Yahoo!?
New Yahoo! Photos - easier uploading and sharing.
http://photos.yahoo.com/
This archive was generated by hypermail 2.1.4 : Sat Jan 03 2004 - 08:25:46 GMT-3