[redhat-lspp] Wireshark support for CIPSO (tags 1,2,5)
Paul Moore
paul.moore at hp.com
Wed Jan 17 21:04:15 UTC 2007
On Wednesday, January 17 2007 3:40 pm, Steve Grubb wrote:
> Out of curiosity, does tcpdump understand CIPSO? I believe it to be in
> security targets but am not 100% sure.
I don't believe tcpdump can parse the CIPSO option, no. Although to be honest
I personally find it much easier to capture the packets with tcpdump and then
examine them offline using wireshark/ethereal.
--
paul moore
linux security @ hp
More information about the redhat-lspp
mailing list