Q: Packet Dumping?

Luke Kenneth Casson Leighton lkcl at switchboard.net
Thu Oct 30 11:58:46 GMT 1997


On Thu, 30 Oct 1997, Alex Satrapa wrote:

> Sorry to bother you all... but I keep seeing references to "packet dumping"
> or "net tracing" when the Samba team (and others) are talking about
> implementing new protocols...
> 
> Now I'm wondering, how do you do this? Can I just tell my Linux 2.0.31 box
> to go into promiscuous mode and record all packets carrying NetBIOS data,
> destined for any machine?

yep!

tcpdump -n -s 1500 -w dump_file
<press ctrl-c>

tcpdump -n -s 1500 -r dump_file > dump_file.txt
tcpdump -n -s 1500 -r dump_file | more

> Or is the packet dumping the Samba team are
> referring to part of the debug function of samba itself?

the log.nmb and log.smb files have limited packet parsing capabilities, 
which i am improving and developing specifically on the RPC pipe side, 
for later inclusion in tcpdump.

so, yes, we can be referring to the log files; yes, we can be referring 
to tcpdump; yes, we can also be referring to "netmon.exe" which, for the 
current development underway, is particularly useful: it's the only 
reference we have for the correct parsing of RPC pipe packets.

> would I need to buy specialist hardware to do this properly?*

...

> If this is covered in the docs, please point me to it. I've read through
> most of the docs directory already, but I probably ignored anything about
> packet dumping/sniffing at the time, considering it irrelevant to my needs.

DIAGNOSIS.txt.  probably.

> Thanks for your patience.
> Alex
> 
> *My favourite experience with protocol analysers was half an hour I got to
> watch a guy track down some faults in a mixed LAN using a Wandel-Goltermann
> WG50 protocol analyser. Very nice stuff... but it looked like "just" a
> Windows 3.11 PC with some fancy software, in a pretty box.

probably was!  expensive software, too, probably.
 
> Windows 95: n. 32 bit extensions and a graphical shell for a 16 bit patch
> to an 8 bit operating system originally coded for a 4 bit microprocessor,
> written by a 2 bit company.

Luke Kenneth Casson Leighton <lkcl at switchboard.net>
Lynx2.7-friendly Home Page: http://mailhost.cb1.com/~lkcl
"Apply the Laws of Nature to your environment because your
 environment applies the Laws of Nature to you"
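
Added example, not part of the original message: a reader for the dump_file that `tcpdump -w` writes, picking out the NetBIOS traffic the question asks about. It assumes the classic libpcap file format, Ethernet framing and IPv4; the function names and the sample frames are constructed for illustration.

```python
import struct

NETBIOS_PORTS = {137: "nbns", 138: "nbdgm", 139: "nbss"}  # name, datagram, session

def netbios_packets(pcap):
    """Return (service, src, dst, captured_len) for each NetBIOS packet in a pcap."""
    endian = {b"\xd4\xc3\xb2\xa1": "<", b"\xa1\xb2\xc3\xd4": ">"}.get(pcap[:4])
    if endian is None:
        raise ValueError("not a classic pcap file")
    if struct.unpack(endian + "I", pcap[20:24])[0] != 1:
        raise ValueError("only Ethernet (link type 1) is handled")
    hits, off = [], 24                       # 24-byte global header comes first
    while off + 16 <= len(pcap):             # then 16-byte record header + frame
        caplen = struct.unpack(endian + "I", pcap[off + 8:off + 12])[0]
        frame = pcap[off + 16:off + 16 + caplen]   # caplen never exceeds -s snaplen
        off += 16 + caplen
        if len(frame) < 34 or frame[12:14] != b"\x08\x00":   # not IPv4
            continue
        ip = frame[14:]
        ihl = (ip[0] & 0x0F) * 4
        if ip[9] not in (6, 17) or len(ip) < ihl + 4:        # TCP or UDP only
            continue
        if struct.unpack("!H", ip[6:8])[0] & 0x1FFF:         # later fragment: no ports
            continue
        sport, dport = struct.unpack("!HH", ip[ihl:ihl + 4])
        port = dport if dport in NETBIOS_PORTS else sport
        if port in NETBIOS_PORTS:
            src = ".".join(map(str, ip[12:16]))
            dst = ".".join(map(str, ip[16:20]))
            hits.append((NETBIOS_PORTS[port], f"{src}:{sport}", f"{dst}:{dport}", caplen))
    return hits

def build_frame(proto, sport, dport):
    """Constructed sample: Ethernet + IPv4 header + the first 8 bytes of TCP/UDP."""
    ip = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 28, 0, 0, 64, proto, 0,
                     bytes([192, 168, 1, 10]), bytes([192, 168, 1, 255]))
    return b"\xff" * 6 + b"\x00" * 6 + b"\x08\x00" + ip + struct.pack("!HHHH", sport, dport, 8, 0)

def build_pcap(frames):
    """Constructed sample: little-endian pcap, snaplen 1500, Ethernet link type."""
    out = struct.pack("<IHHiIII", 0xA1B2C3D4, 2, 4, 0, 0, 1500, 1)
    return out + b"".join(struct.pack("<IIII", 0, 0, len(f), len(f)) + f for f in frames)

SAMPLE = build_pcap([build_frame(17, 137, 137), build_frame(6, 1025, 139), build_frame(17, 53, 53)])

if __name__ == "__main__":
    for hit in netbios_packets(SAMPLE):
        print(hit)
```

To run it over a real capture, pass the bytes of the file instead of SAMPLE, for example `netbios_packets(open("dump_file", "rb").read())`.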