Bill East on 7 Jan 2012 08:14:28 -0800

[Date Prev] [Date Next] [Thread Prev] [Thread Next] [Date Index] [Thread Index]

Re: [PLUG] Need Help with TCPDump

On Sat, Jan 7, 2012 at 10:41 AM, <> wrote:
I bought one of those goofy internet clocks ( and
despite a few problems, have been able to get my messages sent to it via the
company's web page or eMail.

However, being one who will never leave anything working alone (I have an
unsatisfiable desire to "improve" things! <grin>), I want to hack this little
bad boy.

I have not found anything published on the protocol for the clock, so I
thought I'd just sniff the network stream and  figure out what it's doing.  I
can tell from my DHCP server that it's getting a lease at  I
therefore tried this command on my firewall.

tcpdump -i eth1 host

I then used the web page to successfully send a message to the clock.

Oddly, I'm not getting anything recorded by tcpdump.  If I drop the host
portion and just grab everything, the address of the clock never shows up.

I'm fairly certain that if your interface is not in promiscuous mode it will not record traffic passing through, even on that specific interface.

ifconfig eth1 promisc should do it for you, but I'm saying that from memory.
Philadelphia Linux Users Group         --
Announcements -
General Discussion  --