The malware has probably reached Australia by now. :)

On Tue, Feb 22, 2011 at 12:42 PM, Jim March <1.jim.march@gmail.com> wrote:
> Sigh.
>
> I've looked the manual over for tcpdump:
>
> http://www.tcpdump.org/tcpdump_man.html
>
> I've tried the commands:
>
> ---
> jim@jim-lappy:~$ sudo tcpdump -s 0 -w -i file.pca host 10.0.1.4
> [sudo] password for jim:
> tcpdump: WARNING: eth0: no IPv4 address assigned
> tcpdump: syntax error
> jim@jim-lappy:~$ sudo tcpdump -s 0 -w -i any file.pca host 10.0.1.4
> tcpdump: WARNING: eth0: no IPv4 address assigned
> tcpdump: syntax error
> jim@jim-lappy:~$ sudo tcpdump -s 0 -w -i any file.pca
> tcpdump: WARNING: eth0: no IPv4 address assigned
> tcpdump: syntax error
> jim@jim-lappy:~$
> ---
>
> The man page doesn't give enough examples to tell me how to do this.
> Dangit...any idea what the exact syntax might be?
>
> WAIT, nevermind, on a hunch I tried using Wireshark with sudo.  Bingo.
> Would have been nice to know...sigh.
>
> Jim
>
> On Tue, Feb 22, 2011 at 12:15 PM, Matt Graham <danceswithcrows@usa.net>
> wrote:
>>
>> From: Jim March <1.jim.march@gmail.com>
>> > jim@jim-lappy:~$ sudo tcpdump -s 0 -w file.pca host 10.0.1.4
>> > tcpdump: WARNING: eth0: no IPv4 address assigned
>> > tcpdump: listening on eth0, link-type EN10MB (Ethernet)
>> >
>> > This comes closer, but...it's still listening on eth0.
>> > How do I point it to wlan0?
>>
>> The Fine Manual for tcpdump suggests the -i option.  tcpdump goes to the
>> lowest-numbered interface by default, which is sensible, but is not always
>> what you want.
>>
>> --
>> Matt G / Dances With Crows
>> The Crow202 Blog:  http://crow202.org/wordpress/
>> There is no Darkness in Eternity/But only Light too dim for us to see
>>
>> ---------------------------------------------------
>> PLUG-discuss mailing list - PLUG-discuss@lists.plug.phoenix.az.us
>> To subscribe, unsubscribe, or to change your mail settings:
>> http://lists.PLUG.phoenix.az.us/mailman/listinfo/plug-discuss
>
>
> ---------------------------------------------------
> PLUG-discuss mailing list - PLUG-discuss@lists.plug.phoenix.az.us
> To subscribe, unsubscribe, or to change your mail settings:
> http://lists.PLUG.phoenix.az.us/mailman/listinfo/plug-discuss
>
---------------------------------------------------
PLUG-discuss mailing list - PLUG-discuss@lists.plug.phoenix.az.us
To subscribe, unsubscribe, or to change your mail settings:
http://lists.PLUG.phoenix.az.us/mailman/listinfo/plug-discuss