Difference between revisions of "TcpDump"

From Vague Hope Wiki
 
Line 1: Line 1:
 
  tcpdump -i eth0 tcp port 80 -w foo.$(date +'%Y%m%d-%H%M%S').pcap
 
  tcpdump -i eth0 tcp port 80 -w foo.$(date +'%Y%m%d-%H%M%S').pcap
 
  tcpdump -i eth0 "(host 10.0.1.1 or 10.0.1.2) and tcp port 8000" -w foo.$(date +'%Y%m%d-%H%M%S').pcap
 
  tcpdump -i eth0 "(host 10.0.1.1 or 10.0.1.2) and tcp port 8000" -w foo.$(date +'%Y%m%d-%H%M%S').pcap
 +
 +
 +
http.time || tcp.analysis.retransmission || _ws.expert.severity >= 0x00600000
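Review bot: the added last line, `http.time || tcp.analysis.retransmission || _ws.expert.severity >= 0x00600000`, is a Wireshark display filter, not a tcpdump capture filter. On a page titled TcpDump it sits unlabeled after three blank lines, directly below the capture commands. Suggest a short lead-in saying it is meant for Wireshark (or `tshark -Y`) when reading the saved `foo.*.pcap` files. A few words on what it selects would also help: packets with an `http.time` field, TCP retransmissions, and expert-info entries at or above the given severity value. That keeps readers from pasting it into `tcpdump` as a filter expression. The three blank lines could be reduced to one.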

Latest revision as of 02:15, 16 February 2016

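# Capture TCP port 80 traffic on eth0 into a timestamped pcap file
tcpdump -i eth0 tcp port 80 -w foo.$(date +'%Y%m%d-%H%M%S').pcap
# Capture TCP port 8000 traffic to or from 10.0.1.1 or 10.0.1.2 on eth0
tcpdump -i eth0 "(host 10.0.1.1 or 10.0.1.2) and tcp port 8000" -w foo.$(date +'%Y%m%d-%H%M%S').pcap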


http.time || tcp.analysis.retransmission || _ws.expert.severity >= 0x00600000