Shulou(Shulou.com)05/31 Report--

This article mainly explains "what is the linux package grabbing tool". Friends who are interested may wish to have a look at it. The method introduced in this paper is simple, fast and practical. Next, let the editor take you to learn "what is the linux bag grabbing tool"?

Linux packet grabbing tools: 1, Charles, by becoming a computer or browser agent, intercept requests and request results to achieve the purpose of analyzing packets; 2, Wireshark, a cross-platform packet grabbing tool; 3, tcpdump, a network data acquisition and analysis tool, can capture data and analysis; 4, Netstat, etc.

The operating environment of this tutorial: linux5.9.8 system, Dell G3 computer.

The main function of the network packet capture tool is to record the process of network execution in detail. If you are a programmer, you must have some knowledge of network packet capture. When there is a problem in the network communication part of the program written by yourself, grasping the package can generally quickly locate the cause of the problem in the program.

Linux bag grabbing tool

1 、 Charles

Charles is actually a proxy server that analyzes and grabs packets by becoming a proxy for computers or browsers, and then intercepting requests and request results. The software is written in Java and can be used on Windows,Mac,Linux. The development of iOS is on the Mac system. When installing Charles, you need to install the Java environment first.

2 、 Wireshark

Wiresark is a super powerful package grabbing tool, is a necessary tool for network engineers, but also a cross-platform tool, Windows Linux macOS can be used. It can not only analyze the data of http/https, but also can be seen at more than 2 layers of the network, such as the three-way handshake of tcp, but if you only analyze the http protocol, you don't need such professional tools to avoid increasing the cost of filtering requests and learning costs.

3 、 tcpdump

Tcpdump is a commonly used package grabbing tool under Linux. It is a command line tool that can grab data similar to Wireshark, and saved packets can be put into Wireshark for analysis. If your Linux server needs to catch packet analysis problems, it is a very good choice.

TcpDump is a network data acquisition and analysis tool, using TcpDump can completely intercept the "header" of data packets transmitted in the network to provide analysis, and support filtering for network layer, protocol, host, network or port. It is often used to intercept network packets and output packet content.

4 、 Netstat

Netstat is a tool for monitoring TCP/IP network. The tool can display the routing table, the actual network connection and the status information of each network interface device. It is generally used to verify the network connection of each port of the machine.

5 、 ngrep

Ngrep is a network packet grabbing tool that can be used to listen for data inflows and outflows from various ports. Take a look at how the man manual introduces ngrep:

DESCRIPTIONngrep strives to provide most of GNU grep's common features, applying them to the network layer. Ngrep is a pcap-aware toolthat will allow you to specify extended regular expressions to match against data payloads of packets. It currently recog-nizes TCP, UDP and ICMP across Ethernet, PPP, SLIP, FDDI and null interfaces, and understands bpf filter logic in the samefashion as more common packet sniffing tools.

It probably means:

Ngrep strives to provide most of the common features of GNU grep and apply them to the network layer. Ngrep is a pcap-aware tool that allows you to specify extended regular expressions to match the data payload of a packet. Currently, it can recognize TCP,UDP and ICMP on Ethernet, PPP,SLIP,FDDI, and empty interfaces, and understand bpf filter logic in the same way as more common packet sniffing tools

At this point, I believe you have a deeper understanding of "what is the linux package grabbing tool". You might as well do it in practice. Here is the website, more related content can enter the relevant channels to inquire, follow us, continue to learn!

Welcome to subscribe "Shulou Technology Information " to get latest news, interesting things and hot topics in the IT industry, and controls the hottest and latest Internet news, technology news and IT industry trends.