Snoop vs. Tcpduimp

Sat, 14 Jun 2003 14:37:00 -0700

Jeffrey Pyne wrote:

> Okay, this has been bugging me for a while now.  I've R'ed the hell out of
> TFMs, and I still can't figger this out.  Using Solaris' snoop command, I
> can do troubleshooting of layer 7 of the OSI model.  I can view the data of
> an SMTP dialog, a DNS query, an HTTP GET etc.  Can I do this with tcpdump on
> Linux?  I suspect the answer is "Nope, you can only see the lower layers."
> If it isn't possible, is there a common command line tool for Linux that
> *will* let me do this?

closest thing I can think of is Ethereal.