Hello everyone, so I'm getting this tcpdump, and it looks like..quite a mess... Can anyone decipher this? I can tell that one IP is requesting DNS info? but I'm having trouble finding out what some of the fields actually mean..
I know the first set of numbers if the time stamp...the 2nd is the IP address..and the next is the destination IP...with the port number after the semicolon. What comes next the '243/2/7 is what confuses me... I know SOA is the start of authority but what does it all mean together? I have a huuuge flood of traffic with these type of output..Can some one break this down for me?
I have two net-card. one is 172.16.24.99(ENG) ,another is 172.16.25.99(ENG-B). Both masks is 255.255.255.0.
I will monitor data on the tcp port 8055 in ENG, How do I set option of tcpdump command (2 Replies)
I wrote a short BASH script to run tcpdump and save the output to a log file for when I'm away from my desk. The script runs fine normally, but fails to start in cron. Any ideas?
#!/bin/bash
today=`date +%Y%m%d`
tcpdump -i eth0 -s 1500 -w ${today}.cap &
exit (5 Replies)
hello, i have a lot of pcap files (tcpdump output) that i want to compare.
every tcpdump output has two file, server and client.
what i want to do is:
1. take timestamp, source address, destination address, and packet id from each file (server and client)
2. find the packets sent from... (0 Replies)
i would like to know about tcpdump
i would like to use tcpdump to get information about these
- Date
- time
- source hostname
- source mac address
- source ip address
- destination ip address
- see outbound only
then i use command like this
tcpdump -i le0 -n -q -tttt -e src net... (0 Replies)
i would like to know about tcpdump
i would like to use tcpdump to get information about these
- Date
- time
- source hostname
- source mac address
- source ip address
- destination ip address
- see outbound only
then i use command like this
tcpdump -i le0 -n -q -tttt -e src net... (2 Replies)
i am trying to write a script to parse some tcpdump output, in each line of the tcpdump output, I know for sure there are 3 keywords exist:
User{different usernamehere}
NAS_ipaddr{different ip here}
Calling_station{ip or dns name here}
But the positions for these 3 keywords in the... (4 Replies)
Hi,
I am trying to capture manually crafted IP packets, created using Scapy, to a pcap file that can later be replayed using tcpreplay.
When using wireshark, I can successfully capture these packets and view them in wireshark.
However, when using tcpdump, these packets are then shown in... (2 Replies)
Hi.
Need Help with TcpDump
Trying to sniff associatio-request with tcpdump but when i run this tcpdump -i eth0 wlan subtype assoc-req i get this error
can anyone help me with this error ? Thanks alot !!:) (1 Reply)
I've recently started learning to use TCPdump, and I find it pretty interesting. There's one thing I don't understand. When I tell it to capture packets on, say, the WiFi interface en1, it often captures packets sent or received by other hosts on the network. How can it do this? My... (3 Replies)
Discussion started by: Ultrix
3 Replies
LEARN ABOUT XFREE86
pts_listentries
PTS_LISTENTRIES(1) AFS Command Reference PTS_LISTENTRIES(1)NAME
pts_listentries - Displays all users or groups in the Protection Database
SYNOPSIS
pts listentries [-users] [-groups] [-cell <cell name>]
[-noauth] [-localauth] [-force] [-help]
pts liste [-u] [-g] [-c <cell name>] [-n] [-l]
[-f] [-h]
DESCRIPTION
The pts listentries command displays the name and AFS ID of all Protection Database entries of the indicated type. It also displays the AFS
ID of each entry's owner and creator.
To display all user and machine entries, either include the -users flag or omit both it and the -groups flag. To display all group
entries, include the -groups flag. To display all entries, provide both flags.
OPTIONS -users
Displays user and machine entries.
-groups
Displays group entries.
-cell <cell name>
Names the cell in which to run the command. For more details, see pts(1).
-force
Enables the command to continue executing as far as possible when errors or other problems occur, rather than halting execution at the
first error.
-help
Prints the online help for this command. All other valid options are ignored.
-localauth
Constructs a server ticket using a key from the local /etc/openafs/server/KeyFile file. Do not combine this flag with the -cell or
-noauth options. For more details, see pts(1).
-noauth
Assigns the unprivileged identity anonymous to the issuer. For more details, see pts(1).
OUTPUT
The output includes a line for each entry, with information in four columns that have the following headers:
Name
The entry's name.
ID The entry's AFS ID (AFS UID for a user or machine, negative AFS GID for a group).
Owner
The AFS ID of the user or group that owns the entry.
Creator
The AFS ID of the user who created the entry (the system:administrators group is listed as the creator of the entry for "anonymous" and
the system groups, but it is not otherwise possible for a group to create groups).
In general, the entries appear in the order in which they were created.
EXAMPLES
The following example displays both user and group entries.
% pts listentries -users -groups
Name ID Owner Creator
system:administrators -204-204-204
system:anyuser -101-204-204
system:authuser -102-204-204
anonymous 32766 -204-204
admin 1 -204 32766
pat 100 -204 1
smith 101 -204 1
pat:friends -206 100 100
staff -207-204 1
PRIVILEGE REQUIRED
The issuer must belong to the system:administrators group.
SEE ALSO pts(1), pts_creategroup(1), pts_createuser(1), pts_examine(1)COPYRIGHT
IBM Corporation 2000. <http://www.ibm.com/> All Rights Reserved.
This documentation is covered by the IBM Public License Version 1.0. It was converted from HTML to POD by software written by Chas
Williams and Russ Allbery, based on work by Alf Wachsmann and Elizabeth Cassell.
OpenAFS 2014-04-08 PTS_LISTENTRIES(1)