Originally Posted by hadimotamedi
I have put a tcpdump trace on port 4957 on my Linux server, as follows:
#tcpdump port 4957
I want to obtain the payload data to see what is really being exchanged between my Linux server and the outside network element. Can you please let me know how I can modify my command?
Well, I think that you might need to run tcpdump as the super-user. At least that's what I need to do on my Ubuntu rig. That way you can run in promiscuous mode and capture everything that hits the server's interface.
sudo tcpdump -s0 -vvv -w dumpfile
So, right there something like that should do it for you. I tacked on the -w dumpfile so that way it writes it to a file instead of dumping it onto the screen. I don't read that fast.
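An added example, not part of either post: a Python sketch that reads the kind of capture file `-w dumpfile` writes and returns the TCP payload bytes exchanged on port 4957, flagging any packet that was cut short by the snap length (what `-s0` avoids). It assumes a classic pcap file with Ethernet framing and IPv4; the function names and the sample capture are constructed for illustration.

```python
import socket
import struct

def tcp_payloads(pcap, port=4957):
    """Return [(src, dst, payload, truncated)] for IPv4/TCP segments on `port`."""
    magic = struct.unpack_from("<I", pcap, 0)[0]
    # Magic number gives the file's byte order (micro- or nanosecond timestamps).
    end = {0xA1B2C3D4: "<", 0xA1B23C4D: "<", 0xD4C3B2A1: ">", 0x4D3CB2A1: ">"}.get(magic)
    if end is None:
        raise ValueError("not a classic pcap file (pcapng is not handled)")
    if struct.unpack_from(end + "I", pcap, 20)[0] != 1:
        raise ValueError("only Ethernet (linktype 1) captures are handled")
    out, off = [], 24                       # packet records follow the 24-byte file header
    while off + 16 <= len(pcap):
        _, _, incl_len, orig_len = struct.unpack_from(end + "IIII", pcap, off)
        frame = pcap[off + 16: off + 16 + incl_len]
        off += 16 + incl_len
        if len(frame) < 34 or frame[12:14] != b"\x08\x00":
            continue                        # not IPv4
        ihl = (frame[14] & 0x0F) * 4        # IPv4 header length in bytes
        if frame[23] != 6 or len(frame) < 14 + ihl + 20:
            continue                        # not TCP, or TCP header not captured
        total_len = struct.unpack_from("!H", frame, 16)[0]
        tcp = 14 + ihl
        sport, dport = struct.unpack_from("!HH", frame, tcp)
        if port not in (sport, dport):
            continue
        data = tcp + (frame[tcp + 12] >> 4) * 4      # skip TCP header and options
        payload = frame[data:14 + total_len]         # drops any Ethernet padding
        src = "%s:%d" % (socket.inet_ntoa(frame[26:30]), sport)
        dst = "%s:%d" % (socket.inet_ntoa(frame[30:34]), dport)
        out.append((src, dst, payload, incl_len < orig_len))
    return out

def constructed_capture():
    """Constructed two-packet capture: one segment on port 4957, one on port 80."""
    def frame(sport, dport, data):
        tcp = struct.pack("!HHIIBBHHH", sport, dport, 0, 0, 5 << 4, 0x18, 1024, 0, 0) + data
        ip = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 20 + len(tcp), 0, 0, 64, 6, 0,
                         socket.inet_aton("192.0.2.10"), socket.inet_aton("198.51.100.7"))
        return b"\x02" * 6 + b"\x04" * 6 + b"\x08\x00" + ip + tcp
    pcap = struct.pack("<IHHiIII", 0xA1B2C3D4, 2, 4, 0, 0, 262144, 1)
    for f in (frame(40000, 4957, b"HELLO 4957\r\n"), frame(40001, 80, b"GET / HTTP/1.1\r\n")):
        pcap += struct.pack("<IIII", 0, 0, len(f), len(f)) + f
    return pcap

if __name__ == "__main__":
    for record in tcp_payloads(constructed_capture()):
        print(record)
```

To run it on a real capture, pass `open("dumpfile", "rb").read()` instead of the constructed bytes. tcpdump can also print payloads itself with `-X` (hex and ASCII) or `-A` (ASCII), and read a saved file back with `-r dumpfile`.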