Questions tagged [tcpdump]

tcpdump is a common packet analyzer that runs under the command line, utilizing BPF (Berkeley Packet Filter) language

tcpdump is a common packet analyzer that runs under the command line. It allows the user to intercept and display TCP/IP and other packets being transmitted or received over a network to which the computer is attached. tcpdump relies on the underlying libpcap packet capture library.

1045 questions

-1

votes

1 answer

how could i decrypt the below payload into human readable text?? kindly suggest me the algorithms and decoders

0x0000: 4500 00bc 0000 4000 4011 281d c0a8 c801 E.....@.@.(..... 0x0010: c0a8 c8c1 0035 2f16 00a8 bf52 1a74 8183 .....5/....R.t.. 0x0020: 0001 0000 0001 0000 0136 0139 0161 0163 .........6.9.a.c 0x0030: 0161 0136 0163 0135 0166 0130 0137 0137…

encoding tcpdump payload

asked Feb 15 '16 at 06:51

Tech

-1

votes

1 answer

How to get tcpdump to include layer 3 and 4 for packet size?

I use the command below to get inter arrival time of packets and length of packets: tcpdump -r example.pcap -n -ttt > result.txt The result is something like this: 00:00:00.000545 IP src-ip.52871 > dst-ip.39461: Flags [P.], seq 1:69, ack 1, win…

linux pcap tcpdump packet-capture

asked Oct 16 '15 at 14:03

amin.2014

-1

votes

2 answers

tcpdump and wireshark: Show timestamp

I run tcpdump on a remote host. I copy the dump to my linux workstation. I look at it with wireshark The customer tells: Please look at the traffic at 8 o'clock. ... I found no way to filter the traffic to a time range. I think I am missing…

wireshark tcpdump

asked Aug 28 '15 at 07:38

guettli

25,042
81
346
663

-1

votes

1 answer

How i can convert pcap files to txt files in Android?

I capture traffic using tcpdump, and save file in .pcap format. How can I convert this file to a plain text file, like Wireshark does?

android wireshark pcap tcpdump

asked Jul 24 '15 at 14:05

Miguel Freitas

-1

votes

1 answer

How to effectively capture traffic on port 5060 between specific time internals?

users. I want to capture traffic on port 5060 for one week in a file, than wants wireshark to rotate file and start capturing for next week with a different file name. I know little about tshark, dumpcap but wants to know, what is more effective way…

networking sip wireshark tcpdump

asked Apr 03 '15 at 16:17

user3310052

-1

votes

1 answer

How do I take web page content with TCPDump?

Is there a way to take the web page content with the TCPDump? E.g: I'm going to google.com and seaching for "test something testing". So, I go to the terminal and use the command: "tcpdump -A -c 200". Then I refresh the google page so the tcpdump…

tcpdump

asked Sep 03 '14 at 18:46

Rodrigo Marques

-1

votes

1 answer

Tcpdump from BASH

This might be a bit complicated, I'll do my best to explain. So I have a server running Bro/Snort IDS (not internet facing). On my Bro server I have a large number of pcaps of traffic obtained through a tap. What I'm trying to do is create a web…

php linux bash shell tcpdump

asked Jul 17 '14 at 23:30

Clownbaby

-1

votes

2 answers

How to examine TCP traffic to a particular port on unix?

I have an application, which goes and hit an Web Service and displays the data. The port to which the application establishes a TCP connection I discovered by using the lsof command. But I'm not sure how to capture packets destined for that port…

shell unix tcpdump

asked Mar 13 '14 at 09:24

sriram

8,562
19
63
82

-1

votes

2 answers

Need to monitor traffic on old cisco router

I have an old 2800 series router with ios 12.4(10) that I need to monitor traffic on an interface. Issue is the version of ios installed doesn't support traffic capture. I would love to update ios, but I'm not the one running the project. I…

cisco tcpdump packet-sniffers network-traffic cisco-ios

asked Sep 25 '13 at 15:17

notorious.no

4,919
3
20
34

-1

votes

1 answer

Wireshark - On which interface a packet arrived?

Does anybody know how can I find out what's the interface a packet arrived on? I captured packets with tcpdump using "-i any" and now I want to find out on what interface a certain packet was received. And another question, can I start tcpdump on an…

network-programming wireshark tcpdump

asked Jul 18 '13 at 14:23

Irina

-1

votes

1 answer

select watches socket fd wakes up too slow

I'm having a latency issue with select(). Actually I'm not sure if this is a problem with select() or not. Story is like below. I'm using select() to detect a socket fd event. After select() wakes up, I do recv() to get data stream from a socket…

linux select latency tcpdump recv

asked Jun 03 '13 at 00:46

user2313523

-1

votes

1 answer

IP filter on .cap file

how to apply filter on an existing .cap file ? so i have a .cap file and want to filter out one particular IP , what is the command for that . I am using wireshark . Thanks

filter ip wireshark tcpdump tshark

asked Jul 26 '12 at 14:38

helloworld0722

-2

votes

1 answer

python run tcpdump in remote server

(My purpose is to run tcpdump from python than exit the python script) I have to run tcpdump in remote server if i run tcp dump in generic syntax then my python program get stuck, if i run it in background then traces are not getting started just…

python tcpdump

asked Aug 23 '23 at 16:35

Milan Paliwal

-2

votes

2 answers

Cannot open include file: 'pcap.h'

I am trying to do one small pcap program in c++ and I am getting an error mentioned above. Below is the program I have written. #include #include #include #include void got_packet(u_char *args, const struct…

c++ pcap tcpdump libpcap

asked Dec 06 '22 at 11:30

Ashok kumar

-2

votes

3 answers

How to read perfectly a .pcap file

Using tcpdump im trying to sniff some packets. The result is this: reading from file /tmp/prueba.pcap, link-type LINUX_SLL (Linux cooked v1) 13:35:51.767194 IP6 fdc1:41d:9c3:dbef:a6e9:69f0:59aa:b70a.47193 > fdc1:41d:9c3:dbef:0:ff:fe00:8c00.47193:…

linux udp ipv6 pcap tcpdump

asked Sep 01 '22 at 15:06

Johnny

Prev 1 2 3

…

70 Next