Feeds:
Posts
Comments

Archive for the ‘Network’ Category

TCPdump usage

Syntax:    || Protocol    Direction    Hosts    Value    Logical Operations    Other Expression

Example:    || tcp               dst             10.1.1.0     80                 and                             tcp dst 10.2.2.2 3128

  • Protocols: ether, fddi, ip, arp, rarp, decnet, lat, sca, moprc, tcp and udp
  • Direction: src, dst, src and dst, src or dst
  • Hosts: net, port, hosts, portrange
  • Logical Operations: not, and, or

TCPdump usage:

  1. #tcpdump :::::: display the standard TCPdump output
  2. #tcpdump -v :::::: display the verbose output
  3. #tcpdump -D :::::: available network interfaces for the capture
  4. #tcpdump -n ::::::: display numerical addresses rather than symbolic addresses
  5. #tcpdump -q :::::: display quick output
  6. #tcpdump -i eth0 :::::: capture the traffic of a particular interface
  7. #tcpdump udp :::::: capture the udp traffic
  8. #tcpdump port http :::::: capture tcp port 80 traffic
  9. #tcpdump -F filename :::::: capture the traffic from a filter stored in a file
  10. #tcpdump -c 20 :::::: stop the capture after 20 packets
  11. #tcpdump -w capture.log :::::: save the capture into a file
  12. #tcpdump -r capture.log :::::: read a capture file
Advertisements

Read Full Post »