Tuesday, March 6, 2018

Tcpdump

TCP Dump
----------------------------------------------------------------------------------
$ sudo tcpdump -s 0 -A host www.uol.com.br and port 80 #Show ASCII
$ sudo tcpdump -s 0 -X host www.uol.com.br and port 80 #Show Hexdump and ASCII

#Filter only packets in the port range 4210-4218 that have the TCP PSH flag set (the "& ... != 0" form also matches PSH+ACK, unlike "== tcp-push"), and line-buffer the output with "-l" so it can be piped without stalling

$ sudo tcpdump -l -i eth0 -X -s 0 -n 'host snelnxa124 and portrange 4210-4218 and (tcp[tcpflags] & (tcp-push) != 0)'
$ sudo tcpdump -l -i eth0 -A -s 0 -n 'host snelnxa124 and portrange 4210-4218 and (tcp[tcpflags] & (tcp-push) != 0)' | grep -v Flags #Drop the per-packet header lines, leaving only the ASCII payload
$ sudo tcpdump -l -i eno1  -A -s 0 -n 'host www.ic.unicamp.br and tcp port http'
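The flag filters above work because `tcp[tcpflags]` is the byte at offset 13 of the TCP header and `tcp-push` is the constant 0x08. The following is an added example, not part of the original post: it builds a few constructed TCP headers and evaluates the same predicates tcpdump would (`& mask != 0`, `== value`, `portrange`) in plain Python, which makes the difference between `tcp[tcpflags] & (tcp-push) != 0` and `tcp[tcpflags] == tcp-push` visible. The packet contents and port numbers are made up for the demonstration.

```python
import struct

# TCP flag bits, matching tcpdump's named constants (tcp-fin, tcp-syn, ...).
TCP_FIN, TCP_SYN, TCP_RST, TCP_PSH, TCP_ACK, TCP_URG = 0x01, 0x02, 0x04, 0x08, 0x10, 0x20
# tcp[tcpflags] is the flags byte at offset 13 of the TCP header.
TCPFLAGS_OFFSET = 13

# Letters tcpdump uses when printing "Flags [...]"; ACK is rendered as ".".
FLAG_NAMES = [(TCP_FIN, "F"), (TCP_SYN, "S"), (TCP_RST, "R"),
              (TCP_PSH, "P"), (TCP_ACK, "."), (TCP_URG, "U")]


def build_tcp_header(sport, dport, flags, seq=0, ack=0, window=65535):
    """Build a minimal 20-byte TCP header (no options, checksum left 0).
    Constructed for this example only."""
    data_offset = 5 << 4  # 5 x 32-bit words, reserved bits zero
    return struct.pack("!HHIIBBHHH", sport, dport, seq, ack,
                       data_offset, flags, window, 0, 0)


def tcpflags(tcp_header):
    """The value of tcp[tcpflags] for this header."""
    return tcp_header[TCPFLAGS_OFFSET]


def flags_string(tcp_header):
    """Render the flags the way tcpdump prints them, e.g. 'P.' for PSH+ACK."""
    f = tcpflags(tcp_header)
    return "".join(name for bit, name in FLAG_NAMES if f & bit)


def matches_any(tcp_header, mask):
    """Filter  tcp[tcpflags] & (mask) != 0 : at least one bit of mask is set."""
    return (tcpflags(tcp_header) & mask) != 0


def matches_all(tcp_header, mask):
    """Filter  tcp[tcpflags] & (mask) == mask : every bit of mask is set."""
    return (tcpflags(tcp_header) & mask) == mask


def matches_exact(tcp_header, value):
    """Filter  tcp[tcpflags] == value : the flags byte must equal value exactly,
    so PSH+ACK does NOT match 'tcp[tcpflags] == tcp-push'."""
    return tcpflags(tcp_header) == value


def port_in_range(tcp_header, lo, hi):
    """Filter  portrange lo-hi : source or destination port within the range."""
    sport, dport = struct.unpack("!HH", tcp_header[:4])
    return lo <= sport <= hi or lo <= dport <= hi


# Constructed sample segments (ports chosen to fall inside/outside 4210-4218).
PUSH_ACK = build_tcp_header(4212, 50000, TCP_PSH | TCP_ACK)  # typical data segment
PURE_ACK = build_tcp_header(4212, 50000, TCP_ACK)            # no payload pushed
SYN = build_tcp_header(50001, 4219, TCP_SYN)                 # handshake, port out of range

if __name__ == "__main__":
    for name, pkt in [("PUSH_ACK", PUSH_ACK), ("PURE_ACK", PURE_ACK), ("SYN", SYN)]:
        print(f"{name:8} Flags [{flags_string(pkt)}]  "
              f"'& tcp-push != 0' -> {matches_any(pkt, TCP_PSH)}  "
              f"'== tcp-push' -> {matches_exact(pkt, TCP_PSH)}  "
              f"portrange 4210-4218 -> {port_in_range(pkt, 4210, 4218)}")
```

The usual data-carrying segment has both PSH and ACK set, which is why the cheat-sheet filter uses the bitmask form; an equality test against `tcp-push` alone would miss nearly every real packet.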

Extra
-----------------------------------------------------------------------------------
$ telnet towel.blinkenlights.nl #Star wars ascii

https://goo.gl/AwpNxV
https://fwknowledge.wordpress.com/2013/03/05/tcpdump-flags/
https://www.wains.be/pub/networking/tcpdump_advanced_filters.txt
