In addition to Weibo, there is also WeChat
Please pay attention
WeChat public account
Shulou
2025-09-23 Update From: SLTechnology News&Howtos shulou NAV: SLTechnology News&Howtos > Development >
Share
Shulou(Shulou.com)06/01 Report--
Editor to share with you how to use the tcpdump command of Linux. I hope you will get something after reading this article. Let's discuss it together.
The tcpdump command is a Datagram sniffing tool based on the command line of the unix system, which can grab data packets flowing on the network card.
In general, the Linux system will come with tcpdump tools, if the system is not installed, just use the command to install it.
Installation commands: yum install-y tcpdump teaches you to use tcpdump commands in Linux to use tcpdump commands in Linux to view installation commands: tcpdump-- help teaches you to use tcpdump commands in Linux and teaches you to use tcpdump commands in Linux
View the network card command:
God teaches you to use tcpdump commands in Linux. God teaches you to use tcpdump commands in Linux.
Knowing the network card, you can use the tcpdump tool to monitor and filter the network data for the network card on the server.
Common tcpdump commands:
# grab all network data that passes through eth0 with the destination or source address of 192.168.29.162
Command: tcpdump-n-I eth0 host 192.168.29.162
# Source address
Command: tcpdump-I eth2 src host 192.168.29.162
# destination address
Command: tcpdump-I eth2 dst host 192.168.29.162
# grab the network data of the current server eth0 Nic port 8080
Command: tcpdump-n-I eth0 port 8080
# fetching sql statements executed by mysql
Command: tcpdump-I eth2-s 0-l-w-dst port 3306 | strings
# grab the network packet of mysql communication (cap is opened with wireshark)
Command tcpdump-n-nn-tttt-I eth0-s 65535 'port 3306'-w 20160505mysql.cap
# fetching SMTP data
Command: tcpdump-I eth2'tcp [tcpflags] & tcp-syn! = 0 and tcp [tcpflags] & tcp-ack! = 0'
# grab HTTP GET data. The hexadecimal value of "GET" is 47455420
Command: tcpdump-I eth2 'tcp [(tcp [12] > > 2): 4] = 0x47455420'
# fetching SSH returned. The hexadecimal of "SSH-" is 0x5353482D.
Command: tcpdump-I eth2 'tcp [(tcp [12] > > 2): 4] = 0x5353482D'
# grab the GET packet of port number 8080 in real time, and then write it to GET.log
Command: tcpdump-I eth0'((port 8080) and (tcp [(tcp [12] > > 2): 4] = 0x47455420))'- nnAl-w / tmp/GET.log
# crawl specifies the number of SYN, and the-c parameter specifies how many packets to grab.
Command: time tcpdump-nn-I eth0'tcp [tcpflags] = tcp-syn'-c 10
After reading this article, I believe you have a certain understanding of "how to use the tcpdump command of Linux". If you want to know more about it, you are welcome to follow the industry information channel. Thank you for reading!
Welcome to subscribe "Shulou Technology Information " to get latest news, interesting things and hot topics in the IT industry, and controls the hottest and latest Internet news, technology news and IT industry trends.
Views: 0
*The comments in the above article only represent the author's personal views and do not represent the views and positions of this website. If you have more insights, please feel free to contribute and share.
The market share of Chrome browser on the desktop has exceeded 70%, and users are complaining about
The world's first 2nm mobile chip: Samsung Exynos 2600 is ready for mass production.According to a r
A US federal judge has ruled that Google can keep its Chrome browser, but it will be prohibited from
Continue with the installation of the previous hadoop.First, install zookooper1. Decompress zookoope
About us Contact us Product review car news thenatureplanet
More Form oMedia: AutoTimes. Bestcoffee. SL News. Jarebook. Coffee Hunters. Sundaily. Modezone. NNB. Coffee. Game News. FrontStreet. GGAMEN
© 2024 shulou.com SLNews company. All rights reserved.
12
Report
