In addition to Weibo, there is also WeChat
Please pay attention
WeChat public account
Shulou
2025-04-07 Update From: SLTechnology News&Howtos shulou NAV: SLTechnology News&Howtos > Development >
Share
Shulou(Shulou.com)06/01 Report--
Editor to share with you how to use the tcpdump command of Linux. I hope you will get something after reading this article. Let's discuss it together.
The tcpdump command is a Datagram sniffing tool based on the command line of the unix system, which can grab data packets flowing on the network card.
In general, the Linux system will come with tcpdump tools, if the system is not installed, just use the command to install it.
Installation commands: yum install-y tcpdump teaches you to use tcpdump commands in Linux to use tcpdump commands in Linux to view installation commands: tcpdump-- help teaches you to use tcpdump commands in Linux and teaches you to use tcpdump commands in Linux
View the network card command:
God teaches you to use tcpdump commands in Linux. God teaches you to use tcpdump commands in Linux.
Knowing the network card, you can use the tcpdump tool to monitor and filter the network data for the network card on the server.
Common tcpdump commands:
# grab all network data that passes through eth0 with the destination or source address of 192.168.29.162
Command: tcpdump-n-I eth0 host 192.168.29.162
# Source address
Command: tcpdump-I eth2 src host 192.168.29.162
# destination address
Command: tcpdump-I eth2 dst host 192.168.29.162
# grab the network data of the current server eth0 Nic port 8080
Command: tcpdump-n-I eth0 port 8080
# fetching sql statements executed by mysql
Command: tcpdump-I eth2-s 0-l-w-dst port 3306 | strings
# grab the network packet of mysql communication (cap is opened with wireshark)
Command tcpdump-n-nn-tttt-I eth0-s 65535 'port 3306'-w 20160505mysql.cap
# fetching SMTP data
Command: tcpdump-I eth2'tcp [tcpflags] & tcp-syn! = 0 and tcp [tcpflags] & tcp-ack! = 0'
# grab HTTP GET data. The hexadecimal value of "GET" is 47455420
Command: tcpdump-I eth2 'tcp [(tcp [12] > > 2): 4] = 0x47455420'
# fetching SSH returned. The hexadecimal of "SSH-" is 0x5353482D.
Command: tcpdump-I eth2 'tcp [(tcp [12] > > 2): 4] = 0x5353482D'
# grab the GET packet of port number 8080 in real time, and then write it to GET.log
Command: tcpdump-I eth0'((port 8080) and (tcp [(tcp [12] > > 2): 4] = 0x47455420))'- nnAl-w / tmp/GET.log
# crawl specifies the number of SYN, and the-c parameter specifies how many packets to grab.
Command: time tcpdump-nn-I eth0'tcp [tcpflags] = tcp-syn'-c 10
After reading this article, I believe you have a certain understanding of "how to use the tcpdump command of Linux". If you want to know more about it, you are welcome to follow the industry information channel. Thank you for reading!
Welcome to subscribe "Shulou Technology Information " to get latest news, interesting things and hot topics in the IT industry, and controls the hottest and latest Internet news, technology news and IT industry trends.
Views: 0
*The comments in the above article only represent the author's personal views and do not represent the views and positions of this website. If you have more insights, please feel free to contribute and share.
Continue with the installation of the previous hadoop.First, install zookooper1. Decompress zookoope
"Every 5-10 years, there's a rare product, a really special, very unusual product that's the most un