<div dir="ltr">Dear Professor,<div><br></div><div>It is acceptable to use <b>vi </b>to edit tcpdump's dump file (first capture the stdout of tcpdump to <b>tee </b>then to a file and then edit using <b>vi</b>) or do we have to explicitly capture only the UDP/ICMP packets using tcpdump ?</div><div><br></div><div>Because, I think in the latter part, it will capture some extra packets as well (it won't be purely UDP and ICMP, i.e., some of the captures will not have "udp" or "icmp" word in them).</div><div><div><br></div>-- <br><div class="gmail_signature"><div dir="ltr"><div><div dir="ltr"><div><div dir="ltr"><div><font face="trebuchet ms, sans-serif" size="4"><br></font></div><div><font face="trebuchet ms, sans-serif" size="4"><br></font></div><div><font face="trebuchet ms, sans-serif" size="4"><br></font></div><font face="trebuchet ms, sans-serif" size="4">Student,<div><font face="trebuchet ms, sans-serif" size="4">Avineshwar Pratap Singh,</font></div><div><font face="Trebuchet MS" size="4">MS (in CyberSecurity),</font></div><div><font face="Trebuchet MS" size="4">Stevens Institute of Technology</font></div><div><br></div><div><div style="width:100%;color:blue;background-color:white"><a style="color:blue;text-decoration:underline!important" href="https://ws.evercontact.com/kwaga-bin/titan/WEB/me.pl/4177400521440368238/i" target="_blank">[+] <span>Add me to your address book</span></a></div></div></font></div></div></div></div></div></div>
</div></div>