08-06-2015
But I'm on a switched network, so the network switch will filter out packets not destined for my computer and I will not receive them. I can understand why I would be getting those packets if the network were using a hub, since a hub just broadcasts packets to all hosts, but a switch will only send them to the host they are addressed to.
pcapdump(1) pcapdump(1)
NAME
pcapdump - dedicated packet capture utility
SYNOPSIS
pcapdump [OPTIONS]...
DESCRIPTION
pcapdump captures packets from a network interface and writes them to a dumpfile. The filename argument given to -w will be formatted by strftime(3).
PCAPNET OPTIONS
-i interface
Input interface to read packets from.
-r pcap file
Dump file to read packets from.
-w pcap file
Dump file to write filtered packets to.
-f expression
BPF expression which selects packets to be filtered.
-s snaplen
Capture snaplen bytes of data from each packet.
-p Disable promiscuous mode sniffing.
PROGRAM OPTIONS
-u owner
Set the output file's owning user to owner.
-g group
Set the output file's owning group to group.
-m mode
Set the output file's mode to mode, specified in octal.
-t secs
Dump file rotation interval in seconds.
-c count
Exit after capturing count packets.
-T secs
Exit after capturing during this amount of seconds.
-H Only capture link, network, and transport headers; do not capture application-layer data.
-S sample value
Sample the packet stream by only dumping 1 in every sample value packets.
-R Together with -S, sample the packets randomly, not systematically.
-P pidfile
Daemonize the process and write its PID to pidfile.
-C config file
File to read configuration variables from. Instead of passing configuration through the command line, a file can be used to specify values for the bpf, device, filefmt, group, interval, mode, owner, promisc, and snaplen options (not all need to be specified; defaults will be used otherwise). See /usr/share/doc/pcaputils/examples/pcapdump/eth0 for an example.
9 May 2009 pcapdump(1)