tcpdump:
View text 'live':
This shows all traffic on interface eth0 going through a port:
- sudo tcpdump -n -i eth0 port target_port
Example: Show text on port 8125:
(-A -s 0 = print full packet contents as text so we can grep)
- sudo tcpdump -n -i eth0 port 8125 -A -s 0
Example: Listen for PINGS on interface eth0:
- sudo tcpdump -n -i eth0 icmp and net 10.100.0.0/16
Wireshark (view tcpdump captures in more detail):
- sudo tcpdump -n -i vboxnet0 -s 0 -w the.dump tcp
(-i vboxnet0 = the VirtualBox interface; try eth0 for your own box, or run $ ip addr to list interfaces)
Flags:
- S = SYN (sync)
- . = ACK
- P = data
(do network stuff)
- wireshark the.dump
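
The flag letters listed above, decoded from tcpdump's text output; this is an added example, not from the original post. It goes a little beyond the list by also mapping F, R and U (FIN, RST, URG), which tcpdump prints as well. The sample lines are constructed and decode_flags is a hypothetical helper name.

```shell
#!/bin/sh
# Added example: decode the "Flags [..]" field of `tcpdump -n` text output.
# Live use: sudo tcpdump -n -l -i eth0 port 8125 | decode_flags

# Constructed sample of tcpdump -n output (addresses and ports are made up).
sample_lines() {
cat <<'EOF'
12:00:00.000001 IP 10.100.0.5.51514 > 10.100.0.9.8125: Flags [S], seq 1000, win 64240, length 0
12:00:00.000101 IP 10.100.0.9.8125 > 10.100.0.5.51514: Flags [S.], seq 2000, ack 1001, win 65160, length 0
12:00:00.000201 IP 10.100.0.5.51514 > 10.100.0.9.8125: Flags [.], ack 1, win 502, length 0
12:00:00.000301 IP 10.100.0.5.51514 > 10.100.0.9.8125: Flags [P.], seq 1:12, ack 1, win 502, length 11
12:00:01.000001 IP 10.100.0.5 > 10.100.0.9: ICMP echo request, id 1, seq 1, length 64
EOF
}

# Reads tcpdump text lines on stdin; prints "src > dst FLAGS len=N" per TCP packet.
decode_flags() {
    awk '
    BEGIN {
        name["S"] = "SYN"; name["."] = "ACK"; name["P"] = "PSH"
        name["F"] = "FIN"; name["R"] = "RST"; name["U"] = "URG"
    }
    # Non-TCP lines (ICMP, UDP, -A payload text) have no Flags field: skipped.
    match($0, /Flags \[[A-Za-z.]*\]/) {
        flags = substr($0, RSTART + 7, RLENGTH - 8)   # text between [ and ]
        out = ""
        for (i = 1; i <= length(flags); i++) {
            c = substr(flags, i, 1)
            n = (c in name) ? name[c] : ("?" c)       # unknown letter kept as ?x
            out = out (out == "" ? "" : "+") n
        }
        if (flags == "none") out = "none"             # tcpdump prints this for no flags
        len = 0
        if (match($0, /length [0-9]+/)) len = substr($0, RSTART + 7, RLENGTH - 7)
        dst = $5; sub(/:$/, "", dst)                  # $3 = source, $5 = "destination:"
        printf "%s > %s %s len=%s\n", $3, dst, out, len
    }'
}

sample_lines | decode_flags
```

A lone SYN with no matching SYN+ACK in the decoded output means the connection attempt got no answer, which is the quickest thing to look for when a port seems unreachable.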