Wireshark-users: Re: [Wireshark-users] Yum install centos 5.2


From: Kevin Cullimore <kcullimo@xxxxxxxxxx>
Date: Sun, 11 Oct 2009 17:34:55 -0400

Mike Brandonisio wrote:
Hi,

Since I receive the MAKE error, I stopped chasing that and did the yum install again.

tshark does show what appears to be traffic.

The main reason for all of this is to monitor/record HELOs/EHLOs to see what is impersonating my IP address to get me listed on CBL.

tshark is giving me data like this:

5.603672 75.XX.XX.XX -> 74.xx.xx.xx TCP 51268 > 22 [ACK] Seq=1 Ack=3185 Win=65535 Len=0 TSV=246431382 TSER=315369746

Any thoughts?

Based upon that output, it's unclear whether your filters are set up properly, and you may well need to display more bytes of each packet to make any headway. I've generally realized better packet-capture troubleshooting outcomes when I write the results to a file for follow-up analysis.

Sincerely,
Mike
--
Mike Brandonisio          *    Web Hosting / Development
Tech One Illustration     *    Internet Marketing
tel (630) 759-9283 x1001  *    e-Commerce
mbrando@xxxxxxxxxxxxxx    *    www.jikometrix.net

    JIKOmetrix - Reliable web hosting


Guy Harris wrote:
On Oct 11, 2009, at 1:21 PM, Mike Brandonisio wrote:

Is it possible I should be looking for something other than "wireshark" to execute?

No, that's the name of the executable.

What happens if you "locate tshark"? At least some RPM-based systems have, in an attempt to maximize confusion, packaged the non-GUI parts of Wireshark as "wireshark" and the GUI parts as "wireshark-gnome", or something like that; perhaps Centos 5.2 (or the version of Red Hat on which it's based) did that, so that you got the command-line TShark installed, but not the GUI Wireshark.
___________________________________________________________________________
Sent via:    Wireshark-users mailing list <wireshark-users@xxxxxxxxxxxxx>
Archives:    http://www.wireshark.org/lists/wireshark-users
Unsubscribe: https://wireshark.org/mailman/options/wireshark-users
             mailto:wireshark-users-request@xxxxxxxxxxxxx?subject=unsubscribe
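
The reply above suggests capturing to a file and pulling more out of each packet than the one-line summary. The following is an added example, not code from the thread or from the Wireshark project: it tallies the HELO/EHLO names a server actually sends, reading tshark field output. The interface `eth0`, the file name `smtp.pcap`, the function name `helo_summary`, and all addresses and host names are assumptions or constructed sample data.

```python
# Added example: tally SMTP HELO/EHLO names sent from one address.
# Assumed way to produce the input (capture to a file, then read it back):
#   tshark -i eth0 -f "tcp port 25" -w smtp.pcap
#   tshark -r smtp.pcap -Y smtp.req.command -T fields \
#       -e ip.src -e ip.dst -e smtp.req.command -e smtp.req.parameter
# (older tshark releases take the display filter with -R instead of -Y)
from collections import Counter, defaultdict

# Constructed sample rows: ip.src <TAB> ip.dst <TAB> command <TAB> parameter
SAMPLE = """\
192.0.2.10\t198.51.100.7\tEHLO\tmail.example.net
192.0.2.10\t198.51.100.7\tMAIL\tFROM:<a@example.net>
192.0.2.10\t203.0.113.25\tHELO\tlocalhost
192.0.2.10\t203.0.113.40\thelo\t[127.0.0.1]
203.0.113.99\t192.0.2.10\tEHLO\tmx.example.org
truncated-row
"""


def helo_summary(text, my_ip, expected_names):
    """Return {helo_name: {dst_ip: count}} for HELO/EHLO commands sent FROM
    my_ip whose name is not in expected_names. Malformed rows are skipped."""
    expected = {n.lower().rstrip(".") for n in expected_names}
    unexpected = defaultdict(Counter)
    for row in text.splitlines():
        fields = row.split("\t")
        if len(fields) < 4:
            continue  # short or damaged row: not enough fields to judge
        src, dst, command, param = (f.strip() for f in fields[:4])
        # Only outbound greetings matter here; inbound sessions and other
        # SMTP commands (MAIL, RCPT, ...) are ignored.
        if src != my_ip or command.upper() not in ("HELO", "EHLO"):
            continue
        name = param.split()[0].lower().rstrip(".") if param else "<empty>"
        if name not in expected:
            unexpected[name][dst] += 1
    return {name: dict(dsts) for name, dsts in unexpected.items()}


if __name__ == "__main__":
    found = helo_summary(SAMPLE, "192.0.2.10", ["mail.example.net"])
    for name, dsts in found.items():
        print(name, dsts)
```

Any name this reports is a greeting that left the monitored address without matching the mail server's configured host name, which narrows down which process or host behind that address to look at next.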

Wireshark and the "fin" logo are registered trademarks of the Wireshark Foundation