Could i make tcpdump capture the necessary detail by using the snaplen
option, like:
tcpdump -s 0 -w tcp_cap 'dst host 192.168.10.1 && tcp port 80'
Or is it necessary to use the verbose switches like -v -vv or -vvv, like
tcpdump -vvv -s 0 tcp_cap 'dst host 192.168.10.1 && tcp port 80'
I know this isn't an ethereal question directly but since tcpdump is on
almost every box it's handy for performing the capure and then analying the
capture in ethereal.
Thanks,
Mike Partyka
Stonepath Logistics
Systems Administrator
(651)405-4300 Desk
(651)208-5734 Cell
(651)405-4342 Fax
-----Original Message-----
From: ethereal-users-bounces@xxxxxxxxxxxx
[mailto:ethereal-users-bounces@xxxxxxxxxxxx]On Behalf Of Breen Mullins
Sent: Friday, December 10, 2004 10:19 AM
To: Ethereal user support
Subject: Re: [Ethereal-users] New to capturing, ? about http
authorizations
On Fri, 2004-12-10 at 08:09 -0600, Mike Partyka wrote:
> My question is since http is not secure, and authorization is required to
> get that company list, when i run an http capture (tcpdump host
192.168.10.1
> and port 80) on my laptop and then do a manual sync, i don't ever see any
> account information and password being sent. How can this be? I know the
> authentication is occuring but i'm not seeing it.
tcpdump won't (by default) show enough detail to see the authentication
credentials. Try it in ethereal. You should see the TCP handshake,
followed by the browser requesting the page. The server will respond
with a 401 Unauthorized message. The browser then requests the page
again, adding an Authorization header to the request. The username
and password are Base64 encoded -- ethereal will decode that for you.
Regards,
Breen
--
Breen Mullins 408-435-8401x123
SQA Engineer 0xde05499b
Asante Technologies, Inc.
_______________________________________________
Ethereal-users mailing list
Ethereal-users@xxxxxxxxxxxx
http://www.ethereal.com/mailman/listinfo/ethereal-users