[Okta Webinar] Learn how to a build a cloud-first strategyRegister Now

x
  • Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 2787
  • Last Modified:

Snoop the incoming TCP packets even no program is listening the port.

With snoop, I can capture the TCP packets if there is a program listening to a specific port.
Can I do the capture even if there is no program listening to a specific port.

I want to know if there is some traffic going to a port that no one is using it.
0
matchz
Asked:
matchz
  • 2
2 Solutions
 
Hanno P.S.IT Consultant and Infrastructure ArchitectCommented:
just use
   snoop port <port>
with <port> being a port number (as 25) or a service name (as smtp) in /etc/services)

0
 
Hanno P.S.IT Consultant and Infrastructure ArchitectCommented:
To verify, you may do this:
a) on your server start: snoop port 10500
b) from any other system try: telnet server 10500

You should see something like this:
    client -> server  TCP D=10500 S=44386 Syn Seq=2797324187 Len=0 Win=24820 Options=<nop,nop,sackOK,mss 1460>
    server -> client  TCP D=44386 S=10500 Rst Ack=2797324188 Win=0

Cheers,
JustUNIX
0
 
NukfrorCommented:
Snoop is great.  You might also look at installing Ethereal.  **Very nice** GUI based packet sniffer.  It can even read in snoop packet traces.  And the price is right - its free !!
0

Featured Post

Prep for the ITIL® Foundation Certification Exam

December’s Course of the Month is now available! Enroll to learn ITIL® Foundation best practices for delivering IT services effectively and efficiently.

  • 2
Tackle projects and never again get stuck behind a technical roadblock.
Join Now