tcpdump vs. wireshark
jerome
connection, or is it necessary to use wireshark?
I ask because I am using TCP/IP Illustrated Vol. 1 as a companion text
to relearning basic networking and all of the examples use tcpdump but
I am interested in gathering info using a Linux netbook typically on a
wireless connection.
Jorgen Grahn
> Is it possible to use tcpdump for gathering info on a wireless
> connection, or is it necessary to use wireshark?
They both use libpcap, so either both work or neither do. Based on the
tcpdump man page, I expect them to work.
/Jorgen
--
// Jorgen Grahn <grahn@ Oo o. . .
\X/ snipabacken.se> O o .
Rick Jones
> On Sat, 2009-11-28, jerome wrote:
> > Is it possible to use tcpdump for gathering info on a wireless
> > connection, or is it necessary to use wireshark?
> They both use libpcap, so either both work or neither do. Based on
> the tcpdump man page, I expect them to work.
Expanding on that, it helps to think of gathering information on
network traffic as being in two parts - collection, and
display/analysis. Think of them as "layers" if you like. The libpcap
mentioned is a library employed by both tcpdump and wireshark (and
perhaps other tools as well) to perform packet capture. Tcpdump and
wireshark then have other code to do the display/analysis.
Some display/analysis tools can post-process several capture formats
in addition to that produced by libpcap - for example, I believe that
wireshark or ethereal can process nettl traces from HP-UX.
rick jones
exploration of the similarities between this and "Shimmer" (Saturday
Night Live sketch about something that was both a floor wax and a
dessert topping...) is left as an exercise to the reader
--
I don't interest myself in "why." I think more often in terms of
"when," sometimes "where;" always "how much." - Joubert
these opinions are mine, all mine; HP might not want them anyway... :)
feel free to post, OR email to rick.jones2 in hp.com but NOT BOTH...