TcpDump

From Vague Hope Wiki
Revision as of 02:15, 16 February 2016 by Haku (Talk | contribs)

(diff) ← Older revision | Latest revision (diff) | Newer revision → (diff)
Jump to: navigation, search
tcpdump -i eth0 tcp port 80 -w foo.$(date +'%Y%m%d-%H%M%S').pcap
tcpdump -i eth0 "(host 10.0.1.1 or 10.0.1.2) and tcp port 8000" -w foo.$(date +'%Y%m%d-%H%M%S').pcap


http.time || tcp.analysis.retransmission || _ws.expert.severity >= 0x00600000