Questions tagged [tcpdump]

tcpdump is a CLI tool for capturing and displaying packets sent and received by network devices.

466 questions
0 votes, 3 answers

Monitor traffic between two network switches using a transparent firewall

For debugging reasons I need to see what network traffic, especially TCP, is transmitted or not. I thought about using an Endian firewall for this, but it doesn't support 2 network interfaces with the same IP range. I am looking for a Linux solution…
Dukeatcoding
0 votes, 1 answer

Getting packet rate with tcpdump or iptables

I need to get the rate at which certain packets (i.e. LDAP) arrive on an interface in a Linux environment. I was thinking of using tcpdump to filter the wanted packets and subsequently monitor the rate at which rx packets are seen. Perhaps by…
vobelic
0 votes, 2 answers

Tcpdump packet-PID correspondence

So I've installed winpcap and use windump: E:\>windump -i 2 -B 5000 -n -s 0 -l -C 1 -W 10 -e -q -X windump: listening on \Device\NPF_{9718B3B1-6C96-4431-889B-2B1A37BED06E} 01:25:23.029278 00:19:5b:42:7b:b0 > 00:1e:8c:39:ea:64, IPv4, length 85:…
Nakilon
0 votes, 3 answers

logging HTTP traffic with tcpdump on a router

I have a Linux box acting as a router between many clients and the internet, and I need to pull some statistics on usage: I need to log which internal IPs access which addresses externally. I use this to check which internal IPs access which…
Jarmund
0 votes, 1 answer

Application traffic classification with tcpdump

I have a trace file from my network. I would like to identify the top 10 applications used by us. Does tcpdump provide any application-based filtering options? Any details regarding this would be very helpful. Thanks.
DaTaBomB
0 votes, 1 answer

Filtering inbound traffic without knowing the destination subnet

I have a Linux machine configured as a router with two interfaces facing LAN A and LAN B. I want to filter traffic passing from LAN A to LAN B (inbound traffic) using tcpdump, but I don't have the subnet information of the LANs (not this: dst net…
Yasser
0 votes, 1 answer

find common string to block IPs

Currently I have all these IPs coming in. Is there a way to find a common string in the content of the packets and then block the attack via IPTables? Oct 24 16:28:52 host kernel: [ 823.255566] Firewall: *SYNFLOOD Blocked* IN=eth0 OUT= MAC=…
0 votes, 1 answer

IPv6 DNS Lookup

I am trying to prevent a webserver from doing IPv6 lookups (AAAA) to the DNS server. The webserver has no IPv6 addresses set up on the interfaces. Disabling IPv6 in sysctl.conf had no impact either; the webserver keeps sending both A and AAAA requests…
Jeroen
0 votes, 1 answer

PPPoE Connection : "Generic-Error "RP-PPPoE: Child pppd process terminated"

I have 2 Ubuntu 64-bit virtual machines installed on VirtualBox. Their names and IP addresses are given below. I am trying to establish a PPPoE connection between the two machines. nas 192.168.129.130 (This machine runs the PPPoE server) home …
liv2hak
0 votes, 1 answer

Cannot get a TCPdump from MySQL

I am having quite a few problems on a tricky server. One of my main problems at the moment is that tcpdump cannot seem to get the packets sent to mysql, unless I tinker with MySQL a bit. This is what I run: tcpdump -s 65535 -x -nn -q -tttt -i any…
Jonathan
0 votes, 1 answer

tcpdump/Wireshark on restricted virtual server

When I try to dump some traffic on my vserver's network interface, I get an error that I'm not allowed to do that: # tcpdump -p -i eth0 tcpdump: eth0: You don't have permission to capture on that device (socket: Operation not permitted) I guess the…
AndiDog
0 votes, 1 answer

How to sniff request packet on VPN server?

For some safety reasons, I need to sniff PPTP client request packets, then get the dst IP and src IP, for example 10.5.1.100 -> 218.100.211.100. I want to know the correct rule in tcpdump.
larry
0 votes, 1 answer

TCP Sessions Hanging with Debian and iptables

Up until now I have been using a CentOS 5.x PC with 2x NICs running iptables as a router for my network. It worked great but recently I decided to get a DreamPlug which runs Debian 5.0.3/kernel 2.6.33.6 and use it to replace my CentOS router. I…
Vye
0 votes, 1 answer

dhcp-server + iptables: Can't share ppp internet connection

I had this configuration before, and it used to work well, but now I got a new server and I can't set it up to share the internet connection from ppp0. I'm on Debian testing. The client connects directly on eth0 through a DHCP server, and it can get…
0 votes, 3 answers

shell record UDP stream from a specific address

I'm trying to record an incoming UDP stream (a stream in the sense that it's a stream of consecutive datagrams). I tried netcat, but unfortunately multiple sources send data on the same port address and nc doesn't let you specify the source or the target…
Karoly Horvath