[Last Call] Learn about multicloud storage options and how to improve your company's cloud strategy. Register Now

x
?
Solved

TCPDump Examples

Posted on 2014-03-25
9
Medium Priority
?
434 Views
Last Modified: 2014-03-31
Heyas,

I can't seem to find a decent example of how to use the tcpdump with the following parameters.

tcpdump [ipaddress] [interface] [port]

Any assistance is welcome.

Thank you.
0
Comment
Question by:Zack
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 5
  • 3
9 Comments
 
LVL 48

Accepted Solution

by:
Tintin earned 1100 total points
ID: 39955225
tcpdump -i eth0 port 80 src 10.1.1.1
0
 
LVL 20

Expert Comment

by:simon3270
ID: 39955508
On RedHat I need

     tcpdump -i eth0 port 80 and src 10.1.1.1
0
 
LVL 20

Expert Comment

by:simon3270
ID: 39955594
You can make more complex statements too:

    tcpdump -i eth0 port 80 and \( src 10.10.10.101 or dst 10.10.10.102 \)
0
Independent Software Vendors: We Want Your Opinion

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

 

Author Closing Comment

by:Zack
ID: 39964716
Thank you for the info.
0
 
LVL 20

Expert Comment

by:simon3270
ID: 39964897
Just out of interest, which OS are you doing this on?

Thanks,
Simon
0
 

Author Comment

by:Zack
ID: 39965509
Knoppix
0
 
LVL 20

Expert Comment

by:simon3270
ID: 39966480
I think you may have accepted the wrong answer.  On Knoppix 7.2:

knoppix@Microknoppix:~$ sudo tcpdump -i eth0 port 80 src 10.1.1.1
tcpdump: syntax error
knoppix@Microknoppix:~$ sudo tcpdump -i eth0 port 80 and src 10.1.1.1
tcpdump: verbose output suppressed, use -v or -vv for full protocol decode
listening on eth0, link-type EN10MB (Ethernet), capture size 65535 bytes

Open in new window


It needs the "and".
0
 

Author Comment

by:Zack
ID: 39966700
It worked on the system I was on at the time, I was remotely logged into a Knoppix machine via SSH.
0
 
LVL 20

Expert Comment

by:simon3270
ID: 39966718
OK, no problem.
0

Featured Post

Get free NFR key for Veeam Availability Suite 9.5

Veeam is happy to provide a free NFR license (1 year, 2 sockets) to all certified IT Pros. The license allows for the non-production use of Veeam Availability Suite v9.5 in your home lab, without any feature limitations. It works for both VMware and Hyper-V environments

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

It’s 2016. Password authentication should be dead — or at least close to dying. But, unfortunately, it has not traversed Quagga stage yet. Using password authentication is like laundering hotel guest linens with a washboard — it’s Passé.
In part one, we reviewed the prerequisites required for installing SQL Server vNext. In this part we will explore how to install Microsoft's SQL Server on Ubuntu 16.04.
Connecting to an Amazon Linux EC2 Instance from Windows Using PuTTY.
If you're a developer or IT admin, you’re probably tasked with managing multiple websites, servers, applications, and levels of security on a daily basis. While this can be extremely time consuming, it can also be frustrating when systems aren't wor…
Suggested Courses

650 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question