|
|
Sponsored Content
Special Forums
IP Networking
i would like to know about tcpdump
Post 302215886 by incredible on Thursday 17th of July 2008 11:26:54 AM
07-17-2008
|
|
9 More Discussions You Might Find Interesting
1. Programming
I have two net-card. one is 172.16.24.99(ENG) ,another is 172.16.25.99(ENG-B). Both masks is 255.255.255.0.
I will monitor data on the tcp port 8055 in ENG, How do I set option of tcpdump command (2 Replies)
Discussion started by: chenhao_no1
2 Replies
2. UNIX for Dummies Questions & Answers
does anybody know what the -d -dd and -ddd options are used for ?
thanks (2 Replies)
Discussion started by: ant04
2 Replies
3. IP Networking
Hi, I got the following question regarding tcpdump and I would appreciate your help/feedback:
--Scenario
I am instructed to capture the network traffic by getting the tcpdump data/files of our network for every hour.
--Problem
Some of the connections are still open when the capture is done... (1 Reply)
Discussion started by: jinsunnyvale
1 Replies
4. Cybersecurity
i would like to know about tcpdump
i would like to use tcpdump to get information about these
- Date
- time
- source hostname
- source mac address
- source ip address
- destination ip address
- see outbound only
then i use command like this
tcpdump -i le0 -n -q -tttt -e src net... (0 Replies)
Discussion started by: chamnanpol
0 Replies
5. Linux
Hi,
I want to capture TCPDUMP of traffic, I tried doing this but did not find success..can anyone plz correct it.
# tcpdump -s0 -vv -w /home/osuresh/test_tcp_dump host 10.12.10.22 && port 161
bash: tcpdump: command not found
# tcpdump -s0 -vv -w /home/osuresh/test_tcp_dump host... (5 Replies)
Discussion started by: sureshcisco
5 Replies
6. UNIX for Dummies Questions & Answers
Hi Everyone,
anyone face "tcpdump -i any" does not work? i mean if i use -i eth0, can capture eth0, or use -i eth1 also can. but then tcpdump -i any, seems cannot capture packets. :confused:
please advice, thanks (2 Replies)
Discussion started by: jimmy_y
2 Replies
7. Shell Programming and Scripting
I'm new to the Unix/Linux world. I have taken classes and played with a few simple scripts but never had a real world application. Here is my problem.
What I need to do is every 15min between 8am and 5pm, run
tcpdump -s 2000 -w flowroute-0000.pcap
where the "0000" is the current time.
... (4 Replies)
Discussion started by: Nasasdge
4 Replies
8. Debian
Hi.
Need Help with TcpDump
Trying to sniff associatio-request with tcpdump but when i run this tcpdump -i eth0 wlan subtype assoc-req i get this error
can anyone help me with this error ? Thanks alot !!:) (1 Reply)
Discussion started by: SoulZB
1 Replies
9. IP Networking
I've recently started learning to use TCPdump, and I find it pretty interesting. There's one thing I don't understand. When I tell it to capture packets on, say, the WiFi interface en1, it often captures packets sent or received by other hosts on the network. How can it do this? My... (3 Replies)
Discussion started by: Ultrix
3 Replies
LEARN ABOUT XFREE86
nslookup
NSLOOKUP(1) BIND9 NSLOOKUP(1) NAME
nslookup - query Internet name servers interactively SYNOPSIS
nslookup [-option] [name | -] [server] DESCRIPTION
Nslookup is a program to query Internet domain name servers. Nslookup has two modes: interactive and non-interactive. Interactive mode allows the user to query name servers for information about various hosts and domains or to print a list of hosts in a domain. Non-interactive mode is used to print just the name and requested information for a host or domain. ARGUMENTS
Interactive mode is entered in the following cases: 1. when no arguments are given (the default name server will be used) 2. when the first argument is a hyphen (-) and the second argument is the host name or Internet address of a name server. Non-interactive mode is used when the name or Internet address of the host to be looked up is given as the first argument. The optional second argument specifies the host name or address of a name server. Options can also be specified on the command line if they precede the arguments and are prefixed with a hyphen. For example, to change the default query type to host information, and the initial timeout to 10 seconds, type: nslookup -query=hinfo -timeout=10 The -version option causes nslookup to print the version number and immediately exits. INTERACTIVE COMMANDS
host [server] Look up information for host using the current default server or using server, if specified. If host is an Internet address and the query type is A or PTR, the name of the host is returned. If host is a name and does not have a trailing period, the search list is used to qualify the name. To look up a host not in the current domain, append a period to the name. server domain lserver domain Change the default server to domain; lserver uses the initial server to look up information about domain, while server uses the current default server. If an authoritative answer can't be found, the names of servers that might have the answer are returned. root not implemented finger not implemented ls not implemented view not implemented help not implemented ? not implemented exit Exits the program. set keyword[=value] This command is used to change state information that affects the lookups. Valid keywords are: all Prints the current values of the frequently used options to set. Information about the current default server and host is also printed. class=value Change the query class to one of: IN the Internet class CH the Chaos class HS the Hesiod class ANY wildcard The class specifies the protocol group of the information. (Default = IN; abbreviation = cl) [no]debug Turn on or off the display of the full response packet and any intermediate response packets when searching. (Default = nodebug; abbreviation = [no]deb) [no]d2 Turn debugging mode on or off. This displays more about what nslookup is doing. (Default = nod2) domain=name Sets the search list to name. [no]search If the lookup request contains at least one period but doesn't end with a trailing period, append the domain names in the domain search list to the request until an answer is received. (Default = search) port=value Change the default TCP/UDP name server port to value. (Default = 53; abbreviation = po) querytype=value type=value Change the type of the information query. (Default = A; abbreviations = q, ty) [no]recurse Tell the name server to query other servers if it does not have the information. (Default = recurse; abbreviation = [no]rec) ndots=number Set the number of dots (label separators) in a domain that will disable searching. Absolute names always stop searching. retry=number Set the number of retries to number. timeout=number Change the initial timeout interval for waiting for a reply to number seconds. [no]vc Always use a virtual circuit when sending requests to the server. (Default = novc) [no]fail Try the next nameserver if a nameserver responds with SERVFAIL or a referral (nofail) or terminate query (fail) on such a response. (Default = nofail) RETURN VALUES
nslookup returns with an exit status of 1 if any query failed, and 0 otherwise. FILES
/etc/resolv.conf SEE ALSO
dig(1), host(1), named(8). AUTHOR
Internet Systems Consortium, Inc. COPYRIGHT
Copyright (C) 2004-2007, 2010, 2013-2017 Internet Systems Consortium, Inc. ("ISC") ISC
2014-01-24 NSLOOKUP(1)