Mike Brandonisio wrote:
Hi,
Since I received the MAKE error, I stopped chasing that and did the yum
install again.
tshark does show what appears to be traffic.
The main reason for all of this is to monitor/record HELOs/EHLOs to see
what is impersonating my IP address to get me listed on CBL.
tshark is giving me data like this:
5.603672 75.XX.XX.XX -> 74.xx.xx.xx TCP 51268 > 22 [ACK] Seq=1
Ack=3185 Win=65535 Len=0 TSV=246431382 TSER=315369746
Any thoughts?
Based upon that output, it's unclear your filters are set up properly,
and you may well need to display more bytes of each packet to make any
headway. I've generally realized better packet-capture troubleshooting
outcomes when I write the results to a file for followup analysis.
Sincerely,
Mike
--
Mike Brandonisio * Web Hosting / Development
Tech One Illustration * Internet Marketing
tel (630) 759-9283 x1001 * e-Commerce
mbrando@xxxxxxxxxxxxxx * www.jikometrix.net
JIKOmetrix - Reliable web hosting
Guy Harris wrote:
On Oct 11, 2009, at 1:21 PM, Mike Brandonisio wrote:
Is it possible I should be looking for something other than
"wireshark" to execute?
No, that's the name of the executable.
What happens if you "locate tshark"? At least some RPM-based systems
have, in an attempt to maximize confusion, packaged the non-GUI parts
of Wireshark as "wireshark" and the GUI parts as "wireshark-gnome", or
something like that; perhaps CentOS 5.2 (or the version of Red Hat on
which it's based) did that, so that you got the command-line TShark
installed, but not the GUI Wireshark.
___________________________________________________________________________
Sent via: Wireshark-users mailing list <wireshark-users@xxxxxxxxxxxxx>
Archives: http://www.wireshark.org/lists/wireshark-users
Unsubscribe: https://wireshark.org/mailman/options/wireshark-users
mailto:wireshark-users-request@xxxxxxxxxxxxx?subject=unsubscribe
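
Following up on the advice in the thread to write the capture to a file for follow-up analysis, here is an added example (not part of the original messages) that scans a saved capture for SMTP HELO/EHLO greetings sent to TCP port 25. It assumes a classic libpcap file captured on Ethernet with IPv4; the function names and the sample capture are constructed for illustration.

```python
import struct

def helo_lines(pcap: bytes):
    """Return (src, dst, line) for every HELO/EHLO sent to TCP port 25."""
    endian = {b"\xd4\xc3\xb2\xa1": "<", b"\xa1\xb2\xc3\xd4": ">"}.get(pcap[:4])
    if endian is None:
        raise ValueError("not a classic (microsecond) pcap file")
    if struct.unpack(endian + "I", pcap[20:24])[0] != 1:
        raise ValueError("only Ethernet captures (linktype 1) are handled")
    hits, off = [], 24
    while off + 16 <= len(pcap):
        caplen = struct.unpack(endian + "I", pcap[off + 8:off + 12])[0]
        frame = pcap[off + 16:off + 16 + caplen]
        off += 16 + caplen
        if len(frame) < 54 or frame[12:14] != b"\x08\x00":  # IPv4 only
            continue
        ip = frame[14:]
        ihl = (ip[0] & 0x0F) * 4
        if ip[9] != 6 or len(ip) < ihl + 20:  # TCP only
            continue
        tcp = ip[ihl:]
        if struct.unpack("!H", tcp[2:4])[0] != 25:  # client-to-server SMTP only
            continue
        total_len = struct.unpack("!H", ip[2:4])[0]
        payload = ip[ihl + (tcp[12] >> 4) * 4:total_len]  # drops Ethernet padding
        line = payload.split(b"\r\n", 1)[0]
        if line.split(b" ", 1)[0].upper() in (b"HELO", b"EHLO"):
            src, dst = (".".join(map(str, ip[i:i + 4])) for i in (12, 16))
            hits.append((src, dst, line.decode("ascii", "replace")))
    return hits

def _frame(src, dst, sport, dport, data=b""):
    """Build one constructed Ethernet/IPv4/TCP frame (checksums left at 0)."""
    ip = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 40 + len(data), 0, 0, 64, 6, 0,
                     bytes(src), bytes(dst))
    tcp = struct.pack("!HHIIBBHHH", sport, dport, 1, 1, 0x50, 0x18, 65535, 0, 0)
    return b"\x00" * 12 + b"\x08\x00" + ip + tcp + data

def sample_pcap():
    """Constructed capture: an SSH ACK, two SMTP greetings, one server reply."""
    a, b, mx = (192, 0, 2, 10), (192, 0, 2, 77), (198, 51, 100, 25)
    frames = [_frame(a, mx, 51268, 22),
              _frame(a, mx, 40001, 25, b"EHLO mail.example.org\r\n"),
              _frame(mx, a, 25, 40001, b"250-mx.example.net\r\n"),
              _frame(b, mx, 40002, 25, b"helo [192.0.2.10]\r\n")]
    out = struct.pack("<IHHiIII", 0xA1B2C3D4, 2, 4, 0, 0, 65535, 1)
    for f in frames:
        out += struct.pack("<IIII", 0, 0, len(f), len(f)) + f
    return out
```

In the constructed sample, the second greeting comes from 192.0.2.77 but names 192.0.2.10 in its HELO argument, which is the kind of mismatch between packet source and claimed identity that the capture is meant to surface.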