[K12OSN] Reading TCP packets

"Terrell Prudé Jr." microman at cmosnetworks.com
Wed Jul 23 17:43:05 UTC 2008


Sudev Barar wrote:
> 2008/7/23 "Terrell Prudé Jr." <microman at cmosnetworks.com>:
>   
>>> I have a remote device that is generating data and is sending as a TCP
>>> packet to designated IP:Port. If I open and set a non standard port I
>>> am able to receive the packets using a listener. Problem is that the
>>> host where I have to move this project allows listening only on port
>>> 80 (apache) or port 25/110 (mail) or port 22 (ssh)
>>>
>>> How can I set up apache or iptables to log in incoming data packets
>>> while at the same time allow apache to serve web pages?
>>>
>>> My google time continues to turn up inconclusive leads.
>>>
>>>       
>> If you're sniffing, which is what it sounds like you're doing, then it
>> doesn't matter which "port you have open."  You don't need to have any
>> "ports open" on your sniffer.  Rob Owens suggested Wireshark, and I
>> agree with him.  TCPDump is another good sniffer.
>>     
>
> No I am not sniffing. The remote device can be set to send packets to
> any IP:Port combination. So I just opened a random high port in my
> firewall and used "nc" to read the packets at that port. Then another
> program takes over and processes these and logs them on to a database.
>
> Now problem is after establishing proof of concept on my laptop I need
> to run this system on a web-host and that host only has ports
> mentioned open.
>   

Which packets do you want to log on this Web server?  From your
response, I'm guessing it's accessible directly from the Internet (i.e.
not through a proxy) and uses packet-filtering as its firewalling strategy.

--TP