Snoop the incoming TCP packets even no program is listening the port.

With snoop, I can capture the TCP packets if there is a program listening to a specific port.
Can I do the capture even if there is no program listening to a specific port.

I want to know if there is some traffic going to a port that no one is using it.
matchzAsked:
Who is Participating?
 
Hanno P.S.Connect With a Mentor IT Consultant and Infrastructure ArchitectCommented:
just use
   snoop port <port>
with <port> being a port number (as 25) or a service name (as smtp) in /etc/services)

0
 
Hanno P.S.Connect With a Mentor IT Consultant and Infrastructure ArchitectCommented:
To verify, you may do this:
a) on your server start: snoop port 10500
b) from any other system try: telnet server 10500

You should see something like this:
    client -> server  TCP D=10500 S=44386 Syn Seq=2797324187 Len=0 Win=24820 Options=<nop,nop,sackOK,mss 1460>
    server -> client  TCP D=44386 S=10500 Rst Ack=2797324188 Win=0

Cheers,
JustUNIX
0
 
NukfrorCommented:
Snoop is great.  You might also look at installing Ethereal.  **Very nice** GUI based packet sniffer.  It can even read in snoop packet traces.  And the price is right - its free !!
0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

All Courses

From novice to tech pro — start learning today.