Want to win a PS4? Go Premium and enter to win our High-Tech Treats giveaway. Enter to Win

x
?
Solved

This is in AIX 5.3..Need to know the syntax oc tcpdump

Posted on 2010-11-11
5
Medium Priority
?
1,026 Views
Last Modified: 2012-05-10
This is in AIX 5.3  I need to know the syntax of tcpdump
Say there is server with hostname   xyz123...I need to know  all packets arriving at or departing from the server
0
Comment
Question by:aixtutorial
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 2
  • 2
5 Comments
 

Author Comment

by:aixtutorial
ID: 34116834
I need to knoe the syntaxf tcpdump
0
 
LVL 25

Expert Comment

by:madunix
ID: 34119060
man tcpdump will give you lots of documentation after you install it
http://www.networkstuff.eu/index.php/Tcpdump_Masterclass
tcpdump syntax for a specific host:
#tcpdump -i INTERFACE -n host MY_IP
tcpdump syntax for a specific port:
#tcpdump -i INTERFACE -n port PORT_NO
you might want to capture the traffic with tcpdump and look at it with Wireshark (formerly Ethereal).
#tcpdump -i INTERFACE -p -s 0 -w /path/x.trace.pcap port port_no
After finishing the trace load the  pcap file into wireshark for a detailed analysis.
http://www.linuxjournal.com/article/6446
http://www.linuxjournal.com/article/6447
http://www.linux-magazine.com/w3/issue/80/Wireshark.pdf
http://publib.boulder.ibm.com/infocenter/aix/v6r1/index.jsp?topic=/com.ibm.aix.cmds/doc/aixcmds5/tcpdump.htm
0
 
LVL 68

Expert Comment

by:woolmilkporc
ID: 34119185
tcpdump host xyz123

Issued on host xyz123 the above will show all packets to and from xyz123

wmp
0
 
LVL 68

Accepted Solution

by:
woolmilkporc earned 1000 total points
ID: 34119262
Or use iptrace:

iptrace -e -d xyz123 -s xyz123  /tmp/xyz123.trace

"-e" puts the interface into promiscuous mode so the trace can be run from any host in the same subnet as xyz123.

To stop tracing locate the PID of iptrace with "ps -ef | grep iptrace" and kill it with TERM: "kill -15 PID" "-15" is important - any other signal will leave the iptrace kernel extension active!

To view the trace file use ipreport - "ipreport /tmp/xyz123.trace"

"man iptrace" and "man ipreport" have more info.

wmp

0
 
LVL 25

Expert Comment

by:madunix
ID: 34128951
please read ibm redbook AIX 5L Performance Tools Handbook and IBM eServer Certification Study Guide AIX 5L Performance and System Tuning for more info
http://www.redbooks.ibm.com/abstracts/SG246039.html?Open
http://www.redbooks.ibm.com/abstracts/SG246184.html?Open
0

Featured Post

Learn Veeam advantages over legacy backup

Every day, more and more legacy backup customers switch to Veeam. Technologies designed for the client-server era cannot restore any IT service running in the hybrid cloud within seconds. Learn top Veeam advantages over legacy backup and get Veeam for the price of your renewal

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Little introduction about CP: CP is a command on linux that use to copy files and folder from one location to another location. Example usage of CP as follow: cp /myfoder /pathto/destination/folder/ cp abc.tar.gz /pathto/destination/folder/ab…
Introduction We as admins face situation where we need to redirect websites to another. This may be required as a part of an upgrade keeping the old URL but website should be served from new URL. This document would brief you on different ways ca…
Learn several ways to interact with files and get file information from the bash shell. ls lists the contents of a directory: Using the -a flag displays hidden files: Using the -l flag formats the output in a long list: The file command gives us mor…
This demo shows you how to set up the containerized NetScaler CPX with NetScaler Management and Analytics System in a non-routable Mesos/Marathon environment for use with Micro-Services applications.
Suggested Courses

636 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question