SG UTM

Suggest, discuss, and vote on new ideas for SG UTM. The ultimate network security package.

Sophos appliance TCPDUMP

I would suggest enabling TCPDUMP option log for a more detailed view of network traffic.

15 votes

Manuele Simeoni shared this idea

2 comments

  • Aaron Mason commented

    I just enable shell and run tcpdump from the command line. Also allows one to drill down as deep as needed:

    # tcpdump -i reds0 ip dst 10.0.0.80 and not tcp port 3389

    If you need details, use the -w option to output to a file, scp it to your machine and open it with Wireshark.

    Would be nice to automate this, though. Put time/size limits on, though; the pcap files can get very big very fast.
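
A bounded version of the capture described in the comment above, as an added example that is not part of the original thread and not Sophos tooling. It assumes `timeout` (coreutils) is available in the appliance shell; the output path, the limits and the function names are hypothetical.

```shell
#!/bin/sh
# Added example: tcpdump capture bounded in both size and time.
# Interface and filter come from the comment above; paths, limits and
# function names are assumptions made for this example.

# Worst-case disk use of the ring buffer in MB.
# tcpdump -C counts in units of 1,000,000 bytes; -W caps the number of files.
ring_max_mb() {
    echo $(( $1 * $2 ))
}

# Print the bounded command line for: iface outfile seconds file_mb files filter...
# Returns 1 if any limit is missing, non-numeric or zero.
capture_cmd() {
    [ $# -ge 5 ] || { echo "usage: iface outfile seconds file_mb files [filter]" >&2; return 1; }
    iface=$1 out=$2 secs=$3 file_mb=$4 files=$5
    shift 5
    for n in "$secs" "$file_mb" "$files"; do
        case $n in
            ''|*[!0-9]*) echo "limit '$n' is not a positive integer" >&2; return 1 ;;
        esac
        [ "$n" -gt 0 ] || { echo "limits must be greater than zero" >&2; return 1; }
    done
    # timeout(1) ends the capture after $secs; -C/-W overwrite the oldest file.
    echo "timeout $secs tcpdump -n -i $iface -C $file_mb -W $files -w $out $*"
}

# Refuse to start if the full ring would not fit on the target filesystem.
run_capture() {
    cmd=$(capture_cmd "$@") || return 1
    need_mb=$(ring_max_mb "$4" "$5")
    free_mb=$(( $(df -Pk "$(dirname "$2")" | awk 'NR==2 {print $4}') / 1024 ))
    if [ "$need_mb" -ge "$free_mb" ]; then
        echo "ring needs ${need_mb} MB, only ${free_mb} MB free" >&2
        return 1
    fi
    $cmd    # unquoted on purpose: split into words; paths must not contain spaces
}

# Example (5 minutes, 4 files of 50 MB, filter from the comment above):
# run_capture reds0 /var/tmp/cap.pcap 300 50 4 ip dst 10.0.0.80 and not tcp port 3389
```

With `-C` and `-W`, tcpdump appends a number to the `-w` file name, so copy all of the numbered files when moving the capture to Wireshark.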
