tcpdump

   Posted by: admin   in Mẹo vặt của hiếu râu

tcpdump -i eth0 -nnn -w pcap-%Y-%m-%d-%H-%M-%S.pcap -G 60

Rotation options: -C file size in MB, -W number of files, -G rotation interval in seconds

Incoming TCP SYNs grouped by destination port

tcpdump -tttt -nn -r pcap-2016-11-22_10:42:32.pcap 'tcp and dst 127.0.0.1 and tcp[13]=2' | cut -f 6 -d ' ' | cut -f 5 -d '.' | sort | uniq -c

Incoming HTTP SYNs grouped by source IP

tcpdump -tttt -nn -r pcap-2016-11-22_10:43:32.pcap 'tcp and dst 127.0.0.1 and tcp[13]=2 and port 80' | cut -f 4 -d ' ' | cut -f 1-4 -d '.' | sort | uniq -c | sort -nr

TCP flag values in tcp[13]:

Fin = 1

Syn = 2

Rst = 4

Psh = 8

Ack = 16

Urgent = 32
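
The two grouping pipelines above cut the endpoint on fixed dot positions, which only works for IPv4. The following is an added example, not part of the original post: it splits each endpoint at its last dot instead, which goes beyond the post's IPv4-only filter and also handles IPv6 lines. The function names and sample lines are constructed for illustration.

```shell
#!/usr/bin/env bash
# Added example: summarize `tcpdump -tttt -nn` text output read from stdin.
# Each endpoint is split at its LAST dot, so both IPv4 (a.b.c.d.port)
# and IPv6 (addr.port) endpoints are handled.
# Real use (FILE is a placeholder): tcpdump -tttt -nn -r FILE 'tcp[13]=2' | syn_by_dst_port

# Constructed sample lines in tcpdump -tttt -nn format (not real traffic).
sample_lines() {
cat <<'EOF'
2016-11-22 10:42:32.000101 IP 192.0.2.10.51000 > 127.0.0.1.80: Flags [S], seq 1, win 29200, length 0
2016-11-22 10:42:32.000202 IP 192.0.2.10.51001 > 127.0.0.1.80: Flags [S], seq 2, win 29200, length 0
2016-11-22 10:42:32.000303 IP 198.51.100.7.40000 > 127.0.0.1.22: Flags [S], seq 3, win 29200, length 0
2016-11-22 10:42:32.000404 IP6 2001:db8::5.40001 > ::1.80: Flags [S], seq 4, win 28800, length 0
EOF
}

# Field 6 is the destination endpoint ("127.0.0.1.80:").
# Strip the trailing colon, then keep only what follows the last dot (the port).
syn_by_dst_port() {
  awk '{ ep = $6; sub(/:$/, "", ep); sub(/^.*\./, "", ep); n[ep]++ }
       END { for (p in n) print n[p], p }' | LC_ALL=C sort -k1,1nr -k2,2n
}

# Field 4 is the source endpoint ("192.0.2.10.51000").
# Drop the last dot and the port, leaving the address.
syn_by_src_ip() {
  awk '{ ep = $4; sub(/\.[0-9]+$/, "", ep); n[ep]++ }
       END { for (ip in n) print n[ip], ip }' | LC_ALL=C sort -k1,1nr -k2,2
}

# Demo on the constructed sample: counts per destination port, then per source address.
sample_lines | syn_by_dst_port
sample_lines | syn_by_src_ip
```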

This entry was posted on Tuesday, November 22nd, 2016 at 11:24 am and is filed under Mẹo vặt của hiếu râu.