Ethereal-users: [Ethereal-users] Analyzing p2p.

Note: This archive is from the project's previous web site, ethereal.com. This list is no longer active.

From: "Santi Benito" <benisoroa@xxxxxxxxxxx>
Date: Tue, 16 May 2006 17:35:17 +0200
Hello users of Ethereal, my name is Santiago Benito, and today I have started using Ethereal, more specifically tethereal. I have been using Snort to analyze one pcap file, and the results have not been what we expected; to verify them or not, my professor has told me to use tethereal. I have seen in Ethereal's display filter reference that only two p2p protocol filters are supported: edonkey and bittorrent.

I am replaying one pcap file with tcpreplay to another directly connected computer via eth1, and I would like to know what the exact command line would be to receive the packets correctly.
I have tried:

#tethereal -i eth1 -R edonkey

Is it OK? Or could this be better:

#tethereal -i eth1 -R 'edonkey|emule'

Also, I would like to know how to display a complete statistic with the option -z, because I haven't understood this part of the man pages very well. Thanks a lot. I am waiting for your response nervously. Please respond to this email address, as I am not a subscriber.
Santi
