Solved

TCPDump Examples

Posted on 2014-03-25
9
411 Views
Last Modified: 2014-03-31
Heyas,

I can't seem to find a decent example of how to use the tcpdump with the following parameters.

tcpdump [ipaddress] [interface] [port]

Any assistance is welcome.

Thank you.
0
Comment
Question by:Zack
  • 5
  • 3
9 Comments
 
LVL 48

Accepted Solution

by:
Tintin earned 275 total points
ID: 39955225
tcpdump -i eth0 port 80 src 10.1.1.1
0
 
LVL 19

Expert Comment

by:simon3270
ID: 39955508
On RedHat I need

     tcpdump -i eth0 port 80 and src 10.1.1.1
0
 
LVL 19

Expert Comment

by:simon3270
ID: 39955594
You can make more complex statements too:

    tcpdump -i eth0 port 80 and \( src 10.10.10.101 or dst 10.10.10.102 \)
0
Ransomware-A Revenue Bonanza for Service Providers

Ransomware – malware that gets on your customers’ computers, encrypts their data, and extorts a hefty ransom for the decryption keys – is a surging new threat.  The purpose of this eBook is to educate the reader about ransomware attacks.

 

Author Closing Comment

by:Zack
ID: 39964716
Thank you for the info.
0
 
LVL 19

Expert Comment

by:simon3270
ID: 39964897
Just out of interest, which OS are you doing this on?

Thanks,
Simon
0
 

Author Comment

by:Zack
ID: 39965509
Knoppix
0
 
LVL 19

Expert Comment

by:simon3270
ID: 39966480
I think you may have accepted the wrong answer.  On Knoppix 7.2:

knoppix@Microknoppix:~$ sudo tcpdump -i eth0 port 80 src 10.1.1.1
tcpdump: syntax error
knoppix@Microknoppix:~$ sudo tcpdump -i eth0 port 80 and src 10.1.1.1
tcpdump: verbose output suppressed, use -v or -vv for full protocol decode
listening on eth0, link-type EN10MB (Ethernet), capture size 65535 bytes

Open in new window


It needs the "and".
0
 

Author Comment

by:Zack
ID: 39966700
It worked on the system I was on at the time, I was remotely logged into a Knoppix machine via SSH.
0
 
LVL 19

Expert Comment

by:simon3270
ID: 39966718
OK, no problem.
0

Featured Post

Master Your Team's Linux and Cloud Stack!

The average business loses $13.5M per year to ineffective training (per 1,000 employees). Keep ahead of the competition and combine in-person quality with online cost and flexibility by training with Linux Academy.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Setting up Secure Ubuntu server on VMware 1.      Insert the Ubuntu Server distribution CD or attach the ISO of the CD which is in the “Datastore”. Note that it is important to install the x64 edition on servers, not the X86 editions. 2.      Power on th…
Linux users are sometimes dumbfounded by the severe lack of documentation on a topic. Sometimes, the documentation is copious, but other times, you end up with some obscure "it varies depending on your distribution" over and over when searching for …
Learn how to get help with Linux/Unix bash shell commands. Use help to read help documents for built in bash shell commands.: Use man to interface with the online reference manuals for shell commands.: Use man to search man pages for unknown command…
This video shows how to set up a shell script to accept a positional parameter when called, pass that to a SQL script, accept the output from the statement back and then manipulate it in the Shell.

820 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question