On Mon, Apr 02, 2001 at 09:31:29PM -0500, Bob Tanner wrote: > I am working on LDAP using TLS and I want to sniff my network to > make absolutely sure nothing is every exchanged with the ldap server > in clear text. > > I have tried several tools, each seems to have a strength, but none > of them are "simple". The tools I have used are tcpdump, snoop, > sniffit, ethereal. > > I just want to sniff all traffic between hostA and hostB on port 389 > and 636, which tool is best for this simple task? > > I'd like to see it like hostA tries to connect on port 389 with SSL. > Then hostB responds to use port 636. etc.. bash# tcpdump -x -X host \(hostA and hostB\) proto tcp port \(389 and 636\) ...might/should/could work to dump the contents of the packets and attempt to display them in ASCII format. ;-) I'm just guessing. -- Chad Walstrom <chewie at wookimus.net> | a.k.a. ^chewie http://www.wookimus.net/ | s.k.a. gunnarr Key fingerprint = B4AB D627 9CBD 687E 7A31 1950 0CC7 0B18 206C 5AFD -------------- next part -------------- A non-text attachment was scrubbed... Name: not available Type: application/pgp-signature Size: 232 bytes Desc: not available Url : http://shadowknight.real-time.com/pipermail/tclug-list/attachments/20010411/361ebaca/attachment.pgp