We’d like to remind Forumites to please avoid political debate on the Forum.
This is to keep it a safe and useful space for MoneySaving discussions. Threads that are – or become – political in nature may be removed in line with the Forum’s rules. Thank you for your understanding.
📨 Have you signed up to the Forum's new Email Digest yet? Get a selection of trending threads sent straight to your inbox daily, weekly or monthly!
The Forum now has a brand new text editor, adding a bunch of handy features to use when creating posts. Read more in our how-to guide
Knowledgeable Linux person please assist
John_Gray
Posts: 5,847 Forumite
in Techie Stuff
On a server, I am booting a Live CD, which has a variant of Linux on it (Fedora 13, but it shouldn't matter), with the intention of not ever, ever, writing anything to the server's hard disk. I need to run diagnostics in a non-Windows operating system.
I wish to write debugging information to a file and the command I have been given to capture packets, run in a Terminal window, is (in part) tcpdump -w test.pcap
In a second Terminal window I will run various commands, whose resulting TCP packets are captured by TCPDUMP in the first Terminal window.
When I terminate this packet capture (with Ctrl+C) in the first Terminal window I presume the file is closed off - but I have no idea where it is located (bearing in mind that I have booted from a Live CD), apart from 'somewhere in memory'.
I need to copy this file for later examination onto a USB Flash drive (which after insertion pops up on the Linux desktop as "1.0 GB File System").
Please could someone provide the exact sequence of commands to enable me to do this? Please assume (my) almost total ignorance of Linux, but contaminated by Windows knowledge...
(If you can tell me what to do to have the packets written directly to a file on the USB Flash drive that would be even better!)
Thanks!
I wish to write debugging information to a file and the command I have been given to capture packets, run in a Terminal window, is (in part) tcpdump -w test.pcap
In a second Terminal window I will run various commands, whose resulting TCP packets are captured by TCPDUMP in the first Terminal window.
When I terminate this packet capture (with Ctrl+C) in the first Terminal window I presume the file is closed off - but I have no idea where it is located (bearing in mind that I have booted from a Live CD), apart from 'somewhere in memory'.
I need to copy this file for later examination onto a USB Flash drive (which after insertion pops up on the Linux desktop as "1.0 GB File System").
Please could someone provide the exact sequence of commands to enable me to do this? Please assume (my) almost total ignorance of Linux, but contaminated by Windows knowledge...
(If you can tell me what to do to have the packets written directly to a file on the USB Flash drive that would be even better!)
Thanks!
0
Comments
-
You should be able to write the capture file directly to the mounted USB flash drive by specifying the path when you type the tcpdump -w command. For example: tcpdump -w /tmp/test.pcap (which will write the capture file to the /tmp directory)
To write directly to the mounted USB flash drive you will need to know the path/name of the mounted device. If you type "mount" in a terminal you should see all the mounted devices and filesystems, for example:
mount
/dev/sdc1 on /media/Seagate type fuseblk (rw, nosuid, nodev etc...)
This means that I have device that is mounted on /media with the name Seagate.
So if I were to create a tcpdump capture, I would type:
tcpdump -w /media/Seagate/test.pcap
It all depends where the Live CD is mounting the USB flash drive.
HTH0 -
....................0
-
Thanks, folks - I'll try all this on Monday.0
-
Somewhat delayed, I tried the above suggestions.
The Terminal window prefix comes out as
[liveuser@localhost ~]$
Both cd Desktop and cd desktop gave an error.
Mount -? gave (in part)
/dev/sdl1 on /media/2DF3-1AFC
and so
cd /media/2DF3-1AFC
worked.
So having done su - I was able to capture the TCPDUMP data on the USB Flash drive!
Thanks again to you both...0
This discussion has been closed.
Confirm your email address to Create Threads and Reply
Categories
- All Categories
- 353.5K Banking & Borrowing
- 254.1K Reduce Debt & Boost Income
- 455K Spending & Discounts
- 246.6K Work, Benefits & Business
- 602.9K Mortgages, Homes & Bills
- 178.1K Life & Family
- 260.6K Travel & Transport
- 1.5M Hobbies & Leisure
- 16K Discuss & Feedback
- 37.7K Read-Only Boards