Questions tagged [tcpdump]

tcpdump is a CLI tool for capturing and displaying packets sent and received by network devices.

466 questions
0
votes
0 answers

Can't see udp packets with nc command, works with tcpdump

I'm trying to capture UDP data using the nc (netcat) command but it doesn't output anything. What options/parameters do I need to pass to the nc command to get the output? tcpdump does show the UDP data. The reason I'm trying nc is that when I know…
Martijn de Munnik
0
votes
1 answer

Find out what's causing the sudden rise in traffic?

My webserver (Debian Bullseye, Apache2) is serving about 50 (small) websites spread over 16 ip addresses. I just noticed that on one of the ip addresses, since the beginning of this month traffic has gone up from an average of 3k/s to an average of…
Zippy1970
0
votes
0 answers

Can't connect to MariaDB from internal VM Structure

S1 Virtual Machine 1: Ubuntu app server Virtual Machine 2: MariaDB 1 S2 Virtual Machine 3: Ubuntu app server Virtual Machine 4: MariaDB 2 from vm04 and 03 I can connect to DB1 with connection string with port 3306 but I can't connect DB2 from vm01…
0
votes
1 answer

tcpdump shows these hostnames - should I be worried

I'm investigating a strange hang with our NextCloud instance and think it might be to do with a misconfigured hostname somewhere. I thought of using tcpdump to look at what addresses/names are being referenced. I ran the command tcpdump -i enp5s0 >…
TenG
0
votes
1 answer

How to find out if TCP connection to server is being tampered with by third-parties?

I'm under an unreliable ISP/AS, something like the GFW. They actively try to sabotage a TCP+TLS session by attacks such as sending SYN RST to established connections, making the connection timeout, messing with handshaking etc. Is there a utility in…
0
votes
0 answers

tcpdump file cannot be created through crontab bash file

I have two scripts: /home/apps/backup.sh // Just invokes tcpdump.sh /home/apps/tcpdump.sh // Generate a tcpdump file backup.sh is scheduled by crontab daily. backup.sh #!/bin/sh /home/apps/tcpdump.sh & tcpdump.sh #!/bin/sh pkill…
user3637971
0
votes
1 answer

Tcpdump output file is not storing the destination IP address and port number

I'm capturing tcpdump packets. Even though, when I want to see the output by tcpdump -r I see the destination hostname instead of the IP address and the service name instead of the port number. Example: tcpdump -w /home/backup/out.bin -nn -i ens192 '(dst port…
user3637971
0
votes
0 answers

Is it possible to use tcpdump directly with a virtual switch created with vde_switch

I am currently running a lab environment with qemu and a virtual switch (vde_switch). Since I am running on a Mac m1 (monterey), it was not possible to use a bridged connection (vde_switch does not have the -tap option on my Mac...). Therefore, I am…
E. Jaep
0
votes
0 answers

Is there a way to capture packages by using tcpdump with ipset?

I got a big ipset and I want to capture networking packages related/not-related to these IPs. Is there a way to capture packages by using tcpdump with ipset as param?
Catscarlet
0
votes
0 answers

Trace Packets in Kubernetes

I am trying to trace packets using sniffer using (https://github.com/eldadru/ksniff) but I am unable to make out how to trace packets and check if cluster IP is in use for Nodeport SVC. I have the following scenario: app1_sts.yaml === apiVersion:…
0
votes
0 answers

using tcpdump how to capture only traffic between my server and elastic search database

I want to use tcpdump to capture traffic between my server and the elastic search database. Also, I would like to capture traffic of one specific url POST https://vpc-my-es-3-abcd.us-east-1.es.amazonaws.com/idx_abc_prod/doc/_search
kumar
0
votes
0 answers

Strongswan IPSec tunnel between linux and windows : "NO_PROPOSAL_CHOSEN"

I'm trying to set up a VPN tunnel between a win10 host and a ubuntu host. Below the configuration I have: /etc/ipsec.conf config setup charondebug=1 uniqueids=yes strictcrlpolicy=no conn %default ikelifetime=60m …
0
votes
0 answers

Save all unique TCP/IP conversations

I have a tcpdump containing numerous HTTP sessions. I want to save each unique conversation i.e. SYN-to-FIN, in its own file using Wireshark (or any other tool if something else is better suited) without having to manually select/follow/save each…
Waslap
0
votes
1 answer

Filter tcpdump by hostname using wildcard/regex with verbose output

Is it possible to create an expression in tcpdump that would filter incoming packets with a wildcard? Something like this: tcpdump -v -i bond0 -c 200 -Z root udp port 514 and src server-*.com It doesn't work ... I was only able to filter using exact…
0
votes
1 answer

TCP packets being lost

I have some TCP packets being lost. I have monitored the interface with tcpdump pcap file - https://www.dropbox.com/s/7m3hr1b7065tenx/tcp.pcap?dl=0 I noticed that when I lose packets I only get 5 frames whereas I usually see 9. Example lost…