in reply to Analyse a tcpdump dump file
(The free) Wireshark has powerful filtering and visualization tools to help analyze the packets.
If you really want to read these in perl, try the "offline Analysis" sample in the Net::Packet::Dump module.
You will also likely need the Netpacket:: series of modules for TCP/UDP or IP analysis.
Theory is when you know something, but it doesn't work.
Practice is when
something works, but you don't know why it works.
Programmers combine Theory
and Practice: Nothing works and they don't know why.
-Anonymous
|
|---|