
December 26 2013

17:49

Minimal output in tcpdump

To display only a little information, combine the -q (quick output) and -t (do not print a timestamp at the start of each line) options.

The command sudo tcpdump -i [interface] -q -t then produces lightweight output that shows roughly only the IP addresses and ports in use:

IP 12.34.56.78.46039 > 55.66.77.88.8945: tcp 0
IP 55.66.77.88.8945 > 12.34.56.78.46039: tcp 12
IP 12.34.56.78.46039 > 55.66.77.88.8945: tcp 0
IP 12.34.56.78.46039 > 55.66.77.88.8945: tcp 5031
IP 12.34.56.78.46039 > 55.66.77.88.8945: tcp 0
IP6 ab90::247:c84f:fe5a:75c6 > ip6-allnodes: ICMP6, router advertisement, length 104
IP 12.34.56.78.46039 > 55.66.77.88.8945: tcp 5031
IP 55.66.77.88.8945 > 12.34.56.78.46039: tcp 0
IP 55.66.77.88.8945 > 12.34.56.78.46039: tcp 381
IP 12.34.56.78.46039 > 55.66.77.88.8945: tcp 0
IP 12.34.56.78.46039 > 55.66.77.88.8945: tcp 5031
IP 55.66.77.88.8945 > 12.34.56.78.46039: tcp 0
IP 97.86.75.64.https > 12.34.56.78.42610: tcp 5031
IP 55.66.77.88.8945 > 12.34.56.78.46039: tcp 0
IP 202.190.179.37.7671 > 12.34.56.78.www: tcp 0
IP 254.203.151.100.mysql > 12.34.56.78.55152: tcp 0
IP 254.203.151.100.mysql > 12.34.56.78.55152: tcp 0

Official documentation: https://www.tcpdump.org/tcpdump_man.html
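
As an added example (not part of the original post), this shell function rolls the quiet output shown above up into per-flow packet counts and TCP payload totals, which makes the heavy talkers in a capture easy to spot. The names summarize_flows and sample_capture are illustrative, and the sample lines are copied from the output above.

```shell
#!/bin/sh
# Added example: roll `tcpdump -q -t` lines up into per-flow totals.
# Live use (assumption: a bounded capture, so awk reaches its END block):
#   sudo tcpdump -i [interface] -q -t -c 1000 | summarize_flows

# Sample input: lines copied from the output shown above.
sample_capture() {
    cat <<'EOF'
IP 12.34.56.78.46039 > 55.66.77.88.8945: tcp 0
IP 55.66.77.88.8945 > 12.34.56.78.46039: tcp 12
IP 12.34.56.78.46039 > 55.66.77.88.8945: tcp 5031
IP6 ab90::247:c84f:fe5a:75c6 > ip6-allnodes: ICMP6, router advertisement, length 104
IP 55.66.77.88.8945 > 12.34.56.78.46039: tcp 381
IP 254.203.151.100.mysql > 12.34.56.78.55152: tcp 0
EOF
}

summarize_flows() {
    awk '
    NF == 0 { next }                       # ignore blank lines
    # Quiet TCP line: IP <src.port> > <dst.port>: tcp <payload length>
    $1 == "IP" && $3 == ">" && $5 == "tcp" && $6 ~ /^[0-9]+$/ {
        dst = $4
        sub(/:$/, "", dst)                 # drop the trailing colon
        key = $2 " > " dst                 # one key per direction
        pkts[key]++
        bytes[key] += $6
        next
    }
    { skipped++ }                          # IP6, ICMP, UDP, ARP, ...
    END {
        for (k in pkts)
            printf "%s packets=%d payload=%d\n", k, pkts[k], bytes[k]
        printf "skipped=%d\n", skipped
    }' | LC_ALL=C sort
}

sample_capture | summarize_flows
```

Each direction of a connection is counted as its own flow, and lines that are not IPv4 TCP in the quiet format are only tallied in the skipped count.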
