On Tue, 20 Jan 2004, Hans-Christian Prytz wrote:
> I'm trying to do this now, but I haven't been able to reproduce the
> problem in a controlled environment so far.
If you can I would be very interested in tcpdump captures including
payload of the client and server traffic where this poisoning gets
inserted into the cache (clients requests after the cache has been
poisoned is not interesting)
On the proxy
tcpdump -i any -s 1600 -w dump.out
Then use ngrep to find the relevant TCP sessions, and isolate these by
using tcpdump on the same file..
tcpdump -r dump.out -w session-X.tcpdump host x.x.x.x port xxxx
Regards
Henrik
Received on Tue Jan 20 2004 - 11:07:08 MST
This archive was generated by hypermail pre-2.1.9 : Sun Feb 01 2004 - 12:00:07 MST