Skip to content

Instantly share code, notes, and snippets.

@packetchef

packetchef/tcpdump_and_tcp_flags.txt

Created August 1, 2020 15:43
Show Gist options
  • Star 0 You must be signed in to star a gist
  • Fork 0 You must be signed in to fork a gist
  • Save packetchef/a0fde15154699129aa1571726ceab994 to your computer and use it in GitHub Desktop.
Save packetchef/a0fde15154699129aa1571726ceab994 to your computer and use it in GitHub Desktop.
Download ZIP
Raw
tcpdump_and_tcp_flags.txt
"Unskilled attackers pester real security folk"
URG ACK PSH RST SYN FIN
[32] [16] [8] [4] [2] [1 ]
tcpdump bitmasking:
To find packets with the PSH flag set: tcpdump -nni eth0 'tcp[13] & 8!=0'
To find packets with the SYN and ACK flags set: tcpdump -nni eth0 'tcp[13] & 16!=0 && tcp[13] & 2!=0'
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment