Snoop is the Solaris equivalent of tcpdump.
Just like tcpdump, you need to specify the network interface you want to tap; otherwise it defaults to the first interface.
The command syntax for a basic capture is:
snoop -d ce2 -o /tmp/output.cap
Here ce2 is the network interface, and the output is written to the file output.cap in the /tmp directory. You can download the file using ftp/sftp and analyze it in Wireshark.
There are many instances when you want to run snoop for longer intervals of time to capture some specific event in network traffic. In this case you can force snoop to run in the background using nohup and &:
nohup snoop -d ce2 -s 2000 -o /tmp/backgroud.cap &
Do NOT close the snoop window directly; type exit to close the terminal, otherwise snoop will stop.
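Before pulling a long background capture over sftp, it helps to check that the file is intact and that the -s snap length (2000 above) did not cut packets short. The following is an added example, not part of the original post: a small Python reader for the snoop file format as described in RFC 1761. The function names and the sample bytes are constructed for illustration.

```python
import struct
import sys

SNOOP_MAGIC = b"snoop\x00\x00\x00"   # 8-byte identification pattern (RFC 1761)
FILE_HDR = struct.Struct(">8sII")    # magic, format version, datalink type
REC_HDR = struct.Struct(">6I")       # orig len, included len, record len, drops, sec, usec


def summarize_snoop(data):
    """Count packets, snaplen-truncated packets and drops in a snoop file."""
    if len(data) < FILE_HDR.size:
        raise ValueError("too short to be a snoop capture")
    magic, version, datalink = FILE_HDR.unpack_from(data, 0)
    if magic != SNOOP_MAGIC:
        raise ValueError("snoop magic not found")
    out = {"version": version, "datalink": datalink, "packets": 0,
           "truncated": 0, "drops": 0, "partial_tail": False}
    offset = FILE_HDR.size
    while offset < len(data):
        if offset + REC_HDR.size > len(data):
            out["partial_tail"] = True   # file copied while snoop was still writing
            break
        orig_len, incl_len, rec_len, drops, _sec, _usec = REC_HDR.unpack_from(data, offset)
        if rec_len < REC_HDR.size + incl_len:
            raise ValueError("corrupt record at offset %d" % offset)
        if offset + rec_len > len(data):
            out["partial_tail"] = True
            break
        out["packets"] += 1
        if incl_len < orig_len:          # packet was cut at the -s snap length
            out["truncated"] += 1
        out["drops"] = drops             # cumulative counter kept by snoop
        offset += rec_len
    return out


def _record(payload, orig_len, drops=0):
    """Build one constructed packet record, padded to a 4-byte boundary."""
    pad = -len(payload) % 4
    rec_len = REC_HDR.size + len(payload) + pad
    return REC_HDR.pack(orig_len, len(payload), rec_len, drops, 0, 0) + payload + b"\x00" * pad


# Constructed sample: one full 60-byte frame, one 3000-byte frame cut to 2000 bytes.
SAMPLE = (FILE_HDR.pack(SNOOP_MAGIC, 2, 4)
          + _record(b"\xaa" * 60, 60) + _record(b"\xbb" * 2000, 3000, drops=1))

if __name__ == "__main__":
    raw = open(sys.argv[1], "rb").read() if len(sys.argv) > 1 else SAMPLE
    print(summarize_snoop(raw))
```

A non-zero truncated count means a larger -s value is needed for full payloads; a non-zero drops count or a partial tail means the capture is incomplete.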