Solved

TCPDump Examples

Posted on 2014-03-25
Last Modified: 2014-03-31
Heyas,

I can't seem to find a decent example of how to use tcpdump with the following parameters.

tcpdump [ipaddress] [interface] [port]

Any assistance is welcome.

Thank you.
0
Question by:Zack
9 Comments
 
LVL 48

Accepted Solution

by:
Tintin earned 275 total points
ID: 39955225
    tcpdump -i eth0 port 80 src 10.1.1.1
0
 
LVL 19

Expert Comment

by:simon3270
ID: 39955508
On RedHat I need

     tcpdump -i eth0 port 80 and src 10.1.1.1
0
 
LVL 19

Expert Comment

by:simon3270
ID: 39955594
You can make more complex statements too:

    tcpdump -i eth0 port 80 and \( src 10.10.10.101 or dst 10.10.10.102 \)
0

Author Closing Comment

by:Zack
ID: 39964716
Thank you for the info.
0
 
LVL 19

Expert Comment

by:simon3270
ID: 39964897
Just out of interest, which OS are you doing this on?

Thanks,
Simon
0
 

Author Comment

by:Zack
ID: 39965509
Knoppix
0
 
LVL 19

Expert Comment

by:simon3270
ID: 39966480
I think you may have accepted the wrong answer.  On Knoppix 7.2:

    knoppix@Microknoppix:~$ sudo tcpdump -i eth0 port 80 src 10.1.1.1
    tcpdump: syntax error
    knoppix@Microknoppix:~$ sudo tcpdump -i eth0 port 80 and src 10.1.1.1
    tcpdump: verbose output suppressed, use -v or -vv for full protocol decode
    listening on eth0, link-type EN10MB (Ethernet), capture size 65535 bytes

It needs the "and".
0
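
A wrapper taking the parameters the question lists (address, interface, port), given here as an added example that is not part of any poster's answer; the function names is_ipv4, is_port, is_iface, build_filter and capture are hypothetical. It validates each value before it reaches a tcpdump run under sudo, joins the primitives with an explicit "and", and passes the filter as one quoted argument.

```sh
#!/bin/sh
# Added example; helper names are hypothetical, sample values are constructed.

is_ipv4() {                       # dotted quad, each octet 0-255
    case $1 in ''|*[!0-9.]*|.*|*.|*..*) return 1 ;; esac
    old_ifs=$IFS; IFS=.
    set -- $1                     # split on dots (only digits and dots remain)
    IFS=$old_ifs
    [ $# -eq 4 ] || return 1
    for octet in "$@"; do
        [ ${#octet} -le 3 ] && [ "$octet" -le 255 ] || return 1
    done
}

is_port() {                       # 1-65535
    case $1 in ''|*[!0-9]*) return 1 ;; esac
    [ ${#1} -le 5 ] && [ "$1" -ge 1 ] && [ "$1" -le 65535 ]
}

is_iface() {                      # no leading "-", no shell or filter syntax
    case $1 in ''|-*|*[!A-Za-z0-9_.:-]*) return 1 ;; esac
}

# build_filter IP PORT [PEER_IP]
# Every primitive is joined by an explicit "and"/"or", the form that parsed
# on RedHat and Knoppix 7.2 in the thread.
build_filter() {
    is_ipv4 "$1" || { echo "bad address: $1" >&2; return 1; }
    is_port "$2" || { echo "bad port: $2" >&2; return 1; }
    if [ -n "${3:-}" ]; then
        is_ipv4 "$3" || { echo "bad address: $3" >&2; return 1; }
        printf 'port %s and ( src %s or dst %s )\n' "$2" "$1" "$3"
    else
        printf 'port %s and src %s\n' "$2" "$1"
    fi
}

# capture IP IFACE PORT [PEER_IP]: the parameter order from the question.
capture() {
    is_iface "$2" || { echo "bad interface: $2" >&2; return 1; }
    filter=$(build_filter "$1" "$3" "${4:-}") || return 1
    # One quoted argument: the shell never sees the parentheses, so the
    # backslashes used in the thread are not needed.
    tcpdump -n -i "$2" "$filter"
}

build_filter 10.1.1.1 80                        # thread's first example
build_filter 10.10.10.101 80 10.10.10.102       # thread's grouped example
```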
 

Author Comment

by:Zack
ID: 39966700
It worked on the system I was on at the time; I was remotely logged into a Knoppix machine via SSH.
0
 
LVL 19

Expert Comment

by:simon3270
ID: 39966718
OK, no problem.
0
