Skip to main content

TCPDump

Filter on port 80

tcpdump port 80

Filter on source port 80

tcpdump src port 80

Destination port 80

tcpdump dest port 80

All traffic for 192.168.1.1

tcpdump host 192.168.1.1

Save output

tcpdump tcp -w output.pcap

Resource: https://medium.com/swlh/introduction-to-tcpdump-635653f56177

Filter on service

In this case, we are filtering icmp traffic on the eth0 interface where the ICMP type field value is icmp-echo. We finish it with a full protocol decode (-vv) aka verbose output.

tcpdump -i eth0 icmp and icmp[icmptype]=icmp-echo -vv

Resources: http://alumni.cs.ucr.edu/~marios/ethereal-tcpdump.pdf http://www.networksorcery.com/enp/protocol/icmp/msg8.htm

Listen for traffic over port 389

tcpdump -i eth0 -nn port 389

Resource: https://hackertarget.com/tcpdump-examples/

No comments to display

Back to top