Created
July 12, 2018 14:09
-
-
Save ronokdev/eba6f4a5a51d7174a92b674cb3205fd9 to your computer and use it in GitHub Desktop.
How to do TCPDUMP
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| ::: RefUrl | |
| → https://www.tecmint.com/12-tcpdump-commands-a-network-sniffer-tool/ | |
| → https://linuxtechlab.com/learn-use-tcpdump-command-examples/ | |
| → https://www.thegeekstuff.com/2010/08/tcpdump-command-examples | |
| ::: Install TCPdump command → yum install tcpdump | |
| ::: To write tcpdump from 'server_A'(eth0) IP to 'server_B' | |
| → tcpdump -w fileName.pcap server_A_ip -i eth0 server_B_ip | |
| ::: Example : | |
| Suppose , we want to get the Tcp-Dump from eth0 to 192.168.22.22 and store the it to a file. | |
| For this we have to run the below command : | |
| → tcpdump -w test_v2.pcap -A -i eth0 dst 192.168.22.22 | |
| → The 'test_v2.pcap' is a wireshark file. | |
| → Need to have wireshark installed for opening the file. | |
| → 'test_v2.pcap' → will be available on centos path → '/root/' |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
To Check the eth0 IP address, we need to run the below COMMAND
→ cat /etc/sysconfig/network-scripts/ifcfg-eth0