| die letzten Änderungen * Seitenstruktur * Stichwortsuche :


logo_puschin.jpg

Startseite

Knowledge base



Kontakt

Impressum

Knowledge base - Linux Netzwerk

Knowledge base

7 Benutzer online Druckversion




zurück



Linux Netzwerk
Parameter für tcpdump zum Sniffen

tcpdump -X -s 0 reicht aus, darüber hinaus kann man noch die folgenden Optionen
aktivieren.

tcpdump -vvv -X -x -s 0

-s     Snarf  snaplen  bytes  of  data from each packet rather than the
              default of 68 (with SunOS's NIT, the minimum  is  actually  96).
              68  bytes is adequate for IP, ICMP, TCP and UDP but may truncate
              protocol information from  name  server  and  NFS  packets  (see
              below).   Packets  truncated  because  of a limited snapshot are
              indicated in the output with ``[|proto]'', where  proto  is
              the name of the protocol level at which the truncation
              has occurred.
              Note that taking larger snapshots both increases the  amount  of
              time it takes to process packets and, effectively, decreases the
              amount of packet buffering.  This may cause packets to be  lost.
              You  should  limit snaplen to the smallest number that will cap-
              ture the protocol information  you're  interested  in.   Setting
              snaplen  to 0 means use the required length to catch whole pack-
              ets.

-x     Print each packet (minus its link level  header)  in  hex.   The
              smaller  of  the entire packet or snaplen bytes will be printed.
              Note that this is the entire link-layer packet, so for link lay-
              ers  that  pad  (e.g.  Ethernet), the padding bytes will also be
              printed when  the  higher  layer  packet  is  shorter  than  the
              required padding.

    -X     When printing hex, print ascii too.  Thus if -x is also set, the
              packet  is  printed  in  hex/ascii.   This  is  very  handy  for
              analysing new protocols.  Even if -x is not also set, some parts
              of some packets may be printed in hex/ascii.

       -vvv   Even more verbose output.  For example, telnet SB ... SE options
              are  printed in full.  With -X telnet options are printed in hex
              as well.


zurück



Knowledge base wurde zuletzt bearbeitet am 12.07.13 durch Frank

www.puschin.de
login

<body bgcolor='#FFFFFF' link='#000000' vlink='#000000' alink='#000000' text='#000000'><font face='Verdana' size='2'><strong>www.puschin.de</strong><br>Die Webseite http://www.puschin.de bietet eine interessante Webseite zu vielen Themen aus dem Bereich Linux und Windows. Man findet hier Tipps und Tricks zu cms php apache postfix openxchange tomcat windows linux firewall <br><br><font face='Verdana' size='2'><li><a href='cms.php?print=&aktion=thema_anzeigen&menue_id=191'>Startseite</a><font face='Verdana' size='2'><li><a href='cms.php?print=&aktion=thema_anzeigen&menue_id=63'>Knowledge base</a><font face='Verdana' size='2'><li><a href='cms.php?print=&aktion=thema_anzeigen&menue_id=57'>Kontakt</a><font face='Verdana' size='2'><li><a href='cms.php?print=&aktion=thema_anzeigen&menue_id=9'>Impressum</a></body>