[prev in list] [next in list] [prev in thread] [next in thread] 

List:       tcpdump-workers
Subject:    Re: [tcpdump-workers] Assumptions needed to get the same tcpdump
From:       Jefferson Ogata <Jefferson.Ogata () noaa ! gov>
Date:       2006-04-12 16:36:44
Message-ID: 443D2C9C.3090302 () noaa ! gov
[Download RAW message or body]

On 04/12/2006 07:07 AM, Hannes Gredler wrote:
> if your DNS is configured correct on both systems and you don't do any
> site local private adressing then you should get the identical output
> on both systems - if you specifiy the -n flag then tcpdump does not attempt
> to resolve names, you should be fine i.e. identical output irrespective
> how broken your DNS is.

What about differences in /etc/services?

> Latha G wrote:
>> Cann't we expect the output of tcpdump on different systems for the same
>> input file
>> to be same?
>> I am not getting the same output, in the sense it was differencing at the
>> hostnames..I suppose the problem might be DNS lookups,
>> one was using and the other one not.
>> Whether the both systems has to be DNS enabled or disabled?
>> Is this assumption is needed to get the same output?
>> Like wise , are there any other assumptions ? or it is impossible to
>> get the
>> same output on different systems?
>>
>> Thanks in advance.

-- 
Jefferson Ogata <Jefferson.Ogata@noaa.gov>
NOAA Computer Incident Response Team (N-CIRT) <ncirt@noaa.gov>
"Never try to retrieve anything from a bear."--National Park Service
-
This is the tcpdump-workers list.
Visit https://lists.sandelman.ca/ to unsubscribe.
[prev in list] [next in list] [prev in thread] [next in thread]