Tcpdump: Difference between revisions

From DWIKI
 
(3 intermediate revisions by the same user not shown)
Line 3: Line 3:
*http://bencane.com/2014/10/13/quick-and-practical-reference-for-tcpdump/
*http://bencane.com/2014/10/13/quick-and-practical-reference-for-tcpdump/
*https://hackertarget.com/tcpdump-examples/
*https://hackertarget.com/tcpdump-examples/
= Tools =
*wireshark


=FAQ=
=FAQ=
Line 15: Line 18:
==tcpdump: NFLOG link-layer type filtering not implemented==
==tcpdump: NFLOG link-layer type filtering not implemented==
Try adding interface (-i)
Try adding interface (-i)
==tcpdump: Mask syntax for networks only==
To match a subnet use '''net''' instead of '''host'''
[[Category:Networking]]

Latest revision as of 08:32, 5 July 2023

Docs

Tools

  • wireshark

FAQ

human readable output

tcpdump -lnX


look for host and port

tcpdump -i ens192 host 192.168.101.3 and tcp port 993


tcpdump: NFLOG link-layer type filtering not implemented

Try adding interface (-i)


tcpdump: Mask syntax for networks only

To match a subnet use net instead of host