We Don't Need No Stinkin' GUI: Command-Line Capture Techniques (Remote Options)

Date: May 17, 2011 from 8:30AM to 9:45AM
Day 2
SIM202
Speakers: Laura Chappell
Avg Rating: 5

(1)
4,960 Views
reddit

Tweet

format
< > embed
+ queue

Sign In first to access your queue.
Close

Sorry, video was not added to the queue, an error occurred. Please Contact Us and let us know.
Close

Embed code for this video

Copy the code above to embed our video on your website/blog.

Video format

Option selected may change based on video formats available and browser capability.

Auto
Use our suggested format for this video.
Smooth Streaming
Adaptive bitrate streaming - little buffering but lower video quality at times of low bandwidth. Silverlight 5 required
Progressive
Traditional buffered video format. Silverlight 5 required
HTML5
For browsers that support H.264 MP4 or WebM video playback such as:
IE9+, Firefox 4+, Chrome 5+, or Safari 4+.
Flash
For browsers that have the Adobe Flash Player plugin installed.

Download

Right click “Save as…”

Slides (view online)

MP4 (iPod, Zune HD)
Mid Quality WMV (Lo-band, Mobile)
High Quality WMV (PC, Xbox, MCE)

Why go to the GUI when the command-line capabilities of Tshark or tcpdump may be all you need to capture files to file sets,use a ring buffer,apply capture filters,extract specific fields,export traffic information for analysis in Microsoft Excel,or... you get the idea. In this session,Laura focuses on the methods used to capture local or remote traffic to troubleshoot,secure and optimize a network. Examining rpcapd.exe,Laura explains how to set up a remote host that sends you every little packet you want. Whipping out Tshark,Laura builds some pretty slick little batch files (remember those?) to send to a packet neophyte so you get just the traffic you want. It's 1984 all over again and the command-line rules,eh?