Saturday, July 31, 2010

tcpdump

How to find right interface 

route get 
netstat -nr


To list all network interfaces
tcpdump -D
ifconfig -a | grep :

To capture traffic from interface eth0, source ip = 10.10.10.10 & destination ip = 10.10.10.11
tcpdump -i eth0 src 10.10.10.10 and dst 10.10.10.11

Reference: 
Manpage of TCPDUMP
http://www.tcpdump.org/tcpdump_man.html

A tcpdump Tutorial and Primer
http://danielmiessler.com/study/tcpdump/

Check The Routes
http://www.linuxhomenetworking.com/wiki/index.php/Quick_HOWTO_:_Ch35_:_Configuring_Linux_VPNs#Check_The_Routes

Using TCPdump

http://www.linuxhomenetworking.com/wiki/index.php/Quick_HOWTO_:_Ch35_:_Configuring_Linux_VPNs#Using_TCPdump

SANS POCKET REFERENCE GUIDE: TCP/IP and tcpdump
http://www.sans.org/security-resources/tcpip.pdf?ref=3871
Posted by at
Labels: ,

No comments:

Post a Comment

Subscribe to: Post Comments (Atom)

Related post:

Related Posts with Thumbnails