Tree_PRO
Help with TCPDump commands.
Dear experts,
I would like to use tcpdump to capture all the traffic between my pc and the target host.
I know that tcpdump will capture all traffic from the source that I specify, such as eth0.
The question: I want tcpdump to go and connect to the target host and save all packets received from the host in a file for further analysis. Can I do that with tcpdump, or can tcpdump not go and interact with the target host?
If tcpdump cannot go and interact with other hosts, what is the best way to do that interaction with target hosts and then save all packets between us and the hosts?
I will be happy for any answers and suggestions.
Thanks in advance.
Best regards.
When you run tcpdump, it will run in the console session you started it from. It will also give a live packet count to give you an idea if it's working or not.
To stop it, I'm afraid the only way is to hit Ctrl-C as you said.
HTH
ASKER
Thanks man for helping me :)
Regards.
ASKER
Thanks for the reply, useful and short.
In this situation, I would use another tool to interact with the host. The work will be like this:
1- run tcpdump and save all data to a file
2- interact with the host using another tool
3- stop tcpdump from capturing data.
About point 3, stopping tcpdump after finishing the interaction: is there any way to do that from the command line, for example:
>tcpdump - (stop)
Or do I have to stop it manually with Ctrl-C?
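
The three-step workflow from the comment above, scripted so the capture stops without a manual Ctrl-C. This is an added example, not part of the original thread; the function name `capture_during`, its `cd_*` variables and the `TCPDUMP` override variable are hypothetical names chosen here.

```shell
#!/bin/sh
# Added example (not from the thread): capture traffic to/from one host
# only while another command runs, then stop tcpdump without Ctrl-C.
# Usage (as root): sh capture_during.sh <iface> <host> <pcap> <command...>

# Assumption: the capture binary is overridable so the flow can be tried with a stub.
TCPDUMP="${TCPDUMP:-tcpdump}"

capture_during() {
    cd_iface=$1; cd_host=$2; cd_pcap=$3
    shift 3

    # Step 1: start the capture in the background.
    #   -w  write raw packets to a file for later analysis
    #   -U  flush each packet to the file as soon as it is captured
    #   'host X' keeps only packets to or from the target
    "$TCPDUMP" -i "$cd_iface" -U -w "$cd_pcap" host "$cd_host" &
    cd_pid=$!

    # Give tcpdump a moment to open the interface, then confirm it is alive.
    sleep 1
    if ! kill -0 "$cd_pid" 2>/dev/null; then
        echo "capture did not start (permissions? interface name?)" >&2
        return 1
    fi

    # Step 2: interact with the host using whatever tool was passed in.
    "$@"
    cd_rc=$?

    # Step 3: allow trailing packets to arrive, then stop the capture.
    # tcpdump handles SIGTERM like Ctrl-C (SIGINT): it closes the file cleanly.
    # SIGTERM is used because background jobs in a script may ignore SIGINT.
    sleep 1
    kill -TERM "$cd_pid" 2>/dev/null
    wait "$cd_pid" 2>/dev/null
    return "$cd_rc"
}

# Run only when called with arguments, e.g.:
#   sh capture_during.sh eth0 192.0.2.10 session.pcap ping -c 3 192.0.2.10
if [ "$#" -ge 4 ]; then
    capture_during "$@"
fi
```

For a capture of fixed size or duration, tcpdump's `-c <count>` option or running it under coreutils `timeout` also ends the capture without Ctrl-C.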