Hello,
I recently sinkholed a domain, and I set up a server on EC2 that contains HoneyD and TCPdump to record all interactions with the botnet. The only problem is, I am having a slight problem with TCPdump. I can't get it to run continuously. I put entries into crontab, and I run it from the terminal, but every time I log out of ssh it stops, and won't start again.
Here is the current command I use:
sudo tcpdump -n -i eth0 -s0 -C 1000 -w /home/ubuntu/output4
Basically it's supposed to
1. rotate log files
2. run TCPdump all the time
Can someone help me figure out how to run this continually with rotating log files?
The only other thread I found was this one:
http://www.linuxquestions.org/questi...ground-843026/
but it does not adequately explain the solution.
Thanks,
Imprive
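An added example, not from the original post or from any reply: a small POSIX sh wrapper that starts the capture detached from the SSH session with `nohup`, uses `-C` together with `-W` so tcpdump keeps a bounded ring of rotated files, and checks the output directory up front. The interface, output directory, pid file path and 10-file ring size are my own placeholder choices, and the note about privilege dropping assumes the Debian/Ubuntu build of tcpdump, which switches to the `tcpdump` user after the first file is opened unless `-Z` says otherwise.

```shell
#!/bin/sh
# Added example, not from the original post: keep a sinkhole capture running
# after SSH logout, with size-based rotation and a bounded ring of files.
# Assumptions (mine, not the poster's): Debian/Ubuntu tcpdump, which drops
# privileges to the "tcpdump" user once the capture is open; the output
# directory, pid file path and 10-file ring size are placeholders.

IFACE="${IFACE:-eth0}"
OUTDIR="${OUTDIR:-/var/log/sinkhole}"
FILE_MB="${FILE_MB:-1000}"   # -C: start a new file after this many million bytes
RING="${RING:-10}"           # -W: keep this many files, then overwrite the oldest
PIDFILE="${PIDFILE:-/var/run/sinkhole-tcpdump.pid}"

# Build the tcpdump command line. -Z root keeps root for the whole run so the
# rotated files can still be created; without it the first file is written but
# the next one fails with "Permission denied" in a directory the unprivileged
# tcpdump user cannot write, and the capture silently stops.
capture_cmd() {
    # $1 interface, $2 output dir, $3 file size in MB, $4 ring size
    printf '%s' "tcpdump -n -i $1 -s 0 -C $3 -W $4 -Z root -w $2/capture.pcap"
}

# Preflight: the output directory must exist and be writable.
check_outdir() {
    [ -d "$1" ] && [ -w "$1" ]
}

# True when the pid file points at a live process.
is_running() {
    [ -f "$PIDFILE" ] && kill -0 "$(cat "$PIDFILE")" 2>/dev/null
}

start_capture() {
    mkdir -p "$OUTDIR"
    check_outdir "$OUTDIR" || { echo "cannot write to $OUTDIR" >&2; return 1; }
    if is_running; then echo "already running, pid $(cat "$PIDFILE")"; return 0; fi
    # nohup ignores the SIGHUP sent when the SSH session ends; stdin, stdout and
    # stderr are detached from the terminal so nothing keeps the session alive.
    # Word splitting of the built command line is intended here.
    nohup $(capture_cmd "$IFACE" "$OUTDIR" "$FILE_MB" "$RING") \
        >"$OUTDIR/tcpdump.log" 2>&1 </dev/null &
    echo $! >"$PIDFILE"
    echo "started tcpdump, pid $(cat "$PIDFILE"), files in $OUTDIR"
}

stop_capture() {
    is_running || { echo "not running"; return 0; }
    kill "$(cat "$PIDFILE")" && rm -f "$PIDFILE"
}

status_capture() {
    if is_running; then echo "running, pid $(cat "$PIDFILE")"; else echo "stopped"; fi
    ls -l "$OUTDIR" 2>/dev/null
}

case "${1:-}" in
    start)  start_capture ;;
    stop)   stop_capture ;;
    status) status_capture ;;
esac
```

Run it as root (`sudo sh capture.sh start`), then log out; `sudo sh capture.sh status` afterwards should still show the pid alive and `capture.pcap`, `capture.pcap1`, ... accumulating. `-C` counts in millions of bytes and `-W 10` caps the ring at ten files, so disk use stays bounded at roughly `FILE_MB * RING` MB. To have the capture come back after a reboot, a `@reboot /path/to/capture.sh start` line in root's crontab is enough; the `start` action refuses to launch a second copy if one is already running.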