Security-related question

Matt Graham danceswithcrows at usa.net
Tue Feb 22 09:28:21 MST 2011


From: Jim March <1.jim.march at gmail.com>
> jim at jim-lappy:~$ tcpdump -s 0 -w file.pcap host 127.0.0.1
> tcpdump: no suitable device found

That's the loopback interface, and will not have what you're looking for on
it.  tcpdump under Linux must be run as root unless you have the "capability"
stuff turned on and active in your kernel, and the user you're running tcpdump
as has the CAP_NET_RAW privilege.  The error message I get is exactly the same
when I try to run tcpdump as a non-root user.

> So I ran Wireshark and it doesn't see an interface it can use.

You're generally discouraged from running wireshark as a capture tool, since
it'll only capture stuff when run as root, and wireshark is far more complex
than tcpdump.

> I think I have an Atheros mini-PCI-express I can bolt into this Dell
> I'm using at the moment...will that help?

I don't think it's hardware, but privileges that are causing the problem.  Try
running tcpdump as root, using the real IP of the VM for the "host" parameter,
and seeing what you get.

-- 
Matt G / Dances With Crows
The Crow202 Blog:  http://crow202.org/wordpress/
There is no Darkness in Eternity/But only Light too dim for us to see
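
The privilege check described in the reply above, as an added example that is not part of the original message: it reads the effective capability mask from a Linux `/proc/<pid>/status` file and reports whether CAP_NET_RAW is present. The function names are made up for this example, and the only inputs assumed are the `Uid:` and `CapEff:` lines of that file.

```shell
#!/bin/sh
# Added example (not from the original post): report whether a process holds
# CAP_NET_RAW, the capability tcpdump needs to open a capture socket.
# Function names are made up for this example; Linux /proc is assumed.

CAP_NET_RAW_BIT=13   # CAP_NET_RAW's bit number in linux/capability.h

# Print the effective capability mask (hex) from a /proc/<pid>/status file.
cap_eff_of() {
    awk '$1 == "CapEff:" { print $2 }' "$1"
}

# Succeed if the hex mask in $1 has the CAP_NET_RAW bit set.
mask_has_net_raw() {
    [ $(( (0x$1 >> $CAP_NET_RAW_BIT) & 1 )) -eq 1 ]
}

# Print root / cap_net_raw / unprivileged for the status file in $1
# (default: the calling shell). Exit status 0 means capture should be allowed.
capture_privilege() {
    _status=${1:-/proc/$$/status}
    _uid=$(awk '$1 == "Uid:" { print $3 }' "$_status")   # effective UID
    _mask=$(cap_eff_of "$_status")
    if [ -z "$_mask" ]; then echo "unknown"; return 2; fi
    if mask_has_net_raw "$_mask"; then
        # UID 0 normally holds every capability, CAP_NET_RAW included.
        if [ "$_uid" = "0" ]; then echo "root"; else echo "cap_net_raw"; fi
        return 0
    fi
    # Also reached by UID 0 when the capability was dropped (e.g. a container).
    echo "unprivileged"
    return 1
}

# Check the shell you would launch tcpdump from.
if [ -r "/proc/$$/status" ]; then capture_privilege || true; fi
```

Pass another process's status file, for example `capture_privilege /proc/1234/status` (1234 is a placeholder PID), to inspect a running capture tool. Capabilities granted to a binary as file capabilities appear only in that process's mask, not in the shell's.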



More information about the PLUG-discuss mailing list