In my previous post about tcptrace, I mentioned that it does not play well with UDP. However, this is not the case: you can collect UDP session data flows by using the -u option. The best part is that you can even selectively collect UDP flows or ignore them by specifying --oUDP and --iUDP.
Another thing I would like to point out is the add-on modules that are available for tcptrace, such as the TRAFFIC module, the HTTP module, etc. You should get your hands dirty with them, because each one does a very good job in one specific area rather than only producing general output. I will demonstrate some usage of them when I have time.
Time ain't enough, should I summon another 24 hours for you?
Cheers :]