Wednesday, January 23, 2013

tcpdump

# apt-get install tcpdump


# tcpdump -i eth0
tcpdump: WARNING: eth0: no IPv4 address assigned
tcpdump: verbose output suppressed, use -v or -vv for full protocol decode
listening on eth0, link-type EN10MB (Ethernet), capture size 65535 bytes
00:45:47.490069 PPPoE  [ses 0xd201] IP ns1.juralinux.com.br.2223 > 187-4-244-38.bnut3700.dsl.brasiltelecom.net.br.15286: Flags [P.], seq 920029226:920029470, ack 2073559787, win 280, length 244
00:45:47.498070 PPPoE  [ses 0xd201] IP ns1.juralinux.com.br.36461 > M.ROOT-SERVERS.NET.domain: 16851 [1au] PTR? 38.244.4.187.in-addr.arpa. (54)
00:45:47.566791 PPPoE  [ses 0xd201] IP 187-4-244-38.bnut3700.dsl.brasiltelecom.net.br.15286 > ns1.juralinux.com.br.2223: Flags [.], ack 244, win 4109, length 0
00:45:47.808263 PPPoE  [ses 0xd201] IP M.ROOT-SERVERS.NET.domain > ns1.juralinux.com.br.36461: 16851- 0/8/13 (642)
00:45:47.814072 PPPoE  [ses 0xd201] IP ns1.juralinux.com.br.29462 > a.in-addr-servers.arpa.domain: 7649 [1au] PTR? 38.244.4.187.in-addr.arpa. (54)
00:45:48.011513 PPPoE  [ses 0xd201] IP a.in-addr-servers.arpa.domain > ns1.juralinux.com.br.29462: 7649- 0/10/1 (472)
00:45:48.018406 PPPoE  [ses 0xd201] IP ns1.juralinux.com.br.52495 > f.gtld-servers.net.domain: 3806% [1au] A? ns.lacnic.net. (42)
00:45:48.018416 PPPoE  [ses 0xd201] IP ns1.juralinux.com.br.9123 > c.dns.br.domain: 30689% [1au] A? ns2.dns.br. (39)
00:45:48.018419 PPPoE  [ses 0xd201] IP ns1.juralinux.com.br.26271 > g.gtld-servers.net.domain: 24618% [1au] A? ns2.lacnic.net. (43)
00:45:48.018422 PPPoE  [ses 0xd201] IP ns1.juralinux.com.br.41296 > f.gtld-servers.net.domain: 57925% [1au] A? ns3.afrinic.net. (44)
^C00:45:48.018441 PPPoE  [ses 0xd201] IP ns1.juralinux.com.br.5079 > i.gtld-servers.net.domain: 62409% [1au] A? sec1.authdns.ripe.net. (50)



# tcpdump -i eth0
tcpdump: WARNING: eth0: no IPv4 address assigned
tcpdump: verbose output suppressed, use -v or -vv for full protocol decode
listening on eth0, link-type EN10MB (Ethernet), capture size 65535 bytes
00:54:04.094161 PPPoE  [ses 0xd201] IP ns1.juralinux.com.br.2223 > 187-4-244-38.bnut3700.dsl.brasiltelecom.net.br.15286: Flags [P.], seq 920068126:920068370, ack 2073563879, win 280, length 244
00:54:04.102404 PPPoE  [ses 0xd201] IP ns1.juralinux.com.br.2223 > 187-4-244-38.bnut3700.dsl.brasiltelecom.net.br.15286: Flags [P.], seq 244:488, ack 1, win 280, length 244
00:54:04.114073 PPPoE  [ses 0xd201] IP ns1.juralinux.com.br.2223 > 187-4-244-38.bnut3700.dsl.brasiltelecom.net.br.15286: Flags [P.], seq 488:700, ack 1, win 280, length 212
00:54:04.122403 PPPoE  [ses 0xd201] IP ns1.juralinux.com.br.2223 > 187-4-244-38.bnut3700.dsl.brasiltelecom.net.br.15286: Flags [P.], seq 700:912, ack 1, win 280, length 212
00:54:04.130072 PPPoE  [ses 0xd201] IP ns1.juralinux.com.br.2223 > 187-4-244-38.bnut3700.dsl.brasiltelecom.net.br.15286: Flags [P.], seq 912:1124, ack 1, win 280, length 212
00:54:04.138402 PPPoE  [ses 0xd201] IP ns1.juralinux.com.br.2223 > 187-4-244-38.bnut3700.dsl.brasiltelecom.net.br.15286: Flags [P.], seq 1124:1352, ack 1, win 280, length 228
00:54:04.146071 PPPoE  [ses 0xd201] IP ns1.juralinux.com.br.2223 > 187-4-244-38.bnut3700.dsl.brasiltelecom.net.br.15286: Flags [P.], seq 1352:1580, ack 1, win 280, length 228
00:54:04.170546 PPPoE  [ses 0xd201] IP 187-4-244-38.bnut3700.dsl.brasiltelecom.net.br.15286 > ns1.juralinux.com.br.2223: Flags [.], ack 244, win 3881, length 0
00:54:04.178405 PPPoE  [ses 0xd201] IP ns1.juralinux.com.br.2223 > 187-4-244-38.bnut3700.dsl.brasiltelecom.net.br.15286: Flags [P.], seq 1580:2020, ack 1, win 280, length 440
00:54:04.186073 PPPoE  [ses 0xd201] IP ns1.juralinux.com.br.2223 > 187-4-244-38.bnut3700.dsl.brasiltelecom.net.br.15286: Flags [P.], seq 2020:2248, ack 1, win 280, length 228


# tcpdump -i eth0 -qtNnn port 110

# tcpdump -i eth0 -qtNnn src 192.168.1.13

# tcpdump -i eth0 -n host 192.168.1.13

# tcpdump -nSt host 192.168.1.13

# tcpdump -nStA host 192.168.1.13

# tcpdump -nSt port 80

# tcpdump -i eth0 -nSt host 192.168.1.13
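
As an added example that is not part of the original post, the Python below parses tcpdump's default text output as it appears in the captures above (including the PPPoE session prefix), totals TCP payload bytes per direction and lists the DNS questions seen. The PTR questions are the kind of reverse lookup that tcpdump's own name resolution can generate when -n is omitted; SAMPLE reuses lines from the captures above, and the function names are this example's own.

```python
import re
from collections import Counter

# Lines copied from the captures above (PPPoE session 0xd201 on eth0).
SAMPLE = """\
00:54:04.094161 PPPoE  [ses 0xd201] IP ns1.juralinux.com.br.2223 > 187-4-244-38.bnut3700.dsl.brasiltelecom.net.br.15286: Flags [P.], seq 920068126:920068370, ack 2073563879, win 280, length 244
00:54:04.170546 PPPoE  [ses 0xd201] IP 187-4-244-38.bnut3700.dsl.brasiltelecom.net.br.15286 > ns1.juralinux.com.br.2223: Flags [.], ack 244, win 3881, length 0
00:45:47.498070 PPPoE  [ses 0xd201] IP ns1.juralinux.com.br.36461 > M.ROOT-SERVERS.NET.domain: 16851 [1au] PTR? 38.244.4.187.in-addr.arpa. (54)
00:45:48.018416 PPPoE  [ses 0xd201] IP ns1.juralinux.com.br.9123 > c.dns.br.domain: 30689% [1au] A? ns2.dns.br. (39)
"""

LINE = re.compile(r"^(?P<ts>\S+) (?:PPPoE\s+\[ses (?P<ses>0x[0-9a-f]+)\] )?"
                  r"IP (?P<src>\S+) > (?P<dst>\S+): (?P<rest>.*)$")
TCP = re.compile(r"Flags \[(?P<flags>[^\]]*)\].*\blength (?P<len>\d+)")
DNS_Q = re.compile(r"^\d+[+%]* (?:\[[^\]]*\] )?(?P<qtype>[A-Z]+)\? (?P<qname>\S+) ")

def parse_line(line):
    """Return a dict for one tcpdump text line, or None if it is not an IP line."""
    m = LINE.match(line.strip())
    if not m:
        return None
    # An endpoint is 'host.port'; the port is the last dot-separated field.
    rec = {"ts": m["ts"], "pppoe_session": m["ses"],
           "src": tuple(m["src"].rsplit(".", 1)), "dst": tuple(m["dst"].rsplit(".", 1))}
    if (t := TCP.search(m["rest"])):
        rec.update(kind="tcp", flags=t["flags"], length=int(t["len"]))
    elif (q := DNS_Q.match(m["rest"])):
        rec.update(kind="dns-query", qtype=q["qtype"], qname=q["qname"])
    else:
        rec["kind"] = "other"  # DNS responses, -q output, non-TCP traffic
    return rec

def summarize(text):
    """Total TCP payload bytes per directed flow, plus the DNS questions seen."""
    tcp_bytes, dns = Counter(), []
    for rec in filter(None, map(parse_line, text.splitlines())):
        if rec["kind"] == "tcp":
            tcp_bytes[(rec["src"], rec["dst"])] += rec["length"]
        elif rec["kind"] == "dns-query":
            dns.append((rec["qtype"], rec["qname"]))
    return tcp_bytes, dns

if __name__ == "__main__":
    flows, questions = summarize(SAMPLE)
    for (src, dst), n in flows.most_common():
        print(f"{':'.join(src)} -> {':'.join(dst)}  {n} bytes")
    for qtype, qname in questions:
        print(f"DNS {qtype}? {qname}")
```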




------------------------------------------------------------------------------------------------------------------------
===[ Sharing Knowledge ]===   -  Obrigado - Thank you - Danke - Merci - Grazie - Gracias - arigatou gozaimasu
“We make a living by what we get, but we make a life by what we give.”  - Give and you will receive - just share :)
------------------------------------------------------------------------------------------------------------------------

