Tuesday, January 25, 2011

Using tcpdump to sniff HTTP traffic from a specific host

This is mostly just a reminder to myself about my preferred parameters to tcpdump on linux, so that I don't have to keep reading the man page.

tcpdump -c 20 -s 0 -i eth1 -A host 192.168.1.1 and tcp port http

The parameter breakdown:
  • -c 20: Exit after capturing 20 packets.
  • -s 0: Don't limit the amount of payload data that is printed out. Print it all.
  • -i eth1: Capture packets on interface eth1
  • -A: Print packets in ASCII.
  • host 192.168.1.1: Only capture packets coming to or from 192.168.1.1.
  • and tcp port http: Only capture HTTP packets.

17 comments:

Anonymous said...

Fantastic!

Colin said...

Legend - thanks for that

XALPS unterwegs said...

Thank you! Helped me a lot while debugging our Sophos UTM Web Application Firewall!

patricia said...

What a nice website. With good information and nice people.

Anonymous said...

Fantastic x2 !!!

Jr. Williams said...

How To increase web traffic????
Business Traffic

Rose Maria said...

How can I get rid of iLivid ad on Facebook?
traffic

Jr. Williams said...

Spot on with this article, I really think this website needs more attention.  I'll probably be back to read more, thanks for the info.
solo ads traffic

Anonymous said...

I found your blog in the directory of blogs, your blog looks awesome.
buy real website traffic

Andriy Potapov said...

Saved me 2 hours of work right there :)
Thanks!!!!

Anonymous said...


I am really very agree with your qualities it is very helpful for look like home. Thank you so much for info and keep it up.


weight loss cleanse & green tea fat burner

john smith said...

Android web view- full screen & progress dialog on loading . skip to content. android web view- full screen & progress dialog on loading raw. buy cheap adult traffic

Anonymous said...

Please keep sharing more and more information about this.This is a good information of the fashion licensing articles and really like your site.
weight loss cleanse & dgreen tea fat burner

Anonymous said...

Please keep sharing more and more information about this.This is a good information of the fashion licensing articles and really like your site.

Yoga Instructor Course & Yoga Teacher Training

Anonymous said...

Mkniit is a Site where any engineering or non engineering student can learn online for free it provides all niit data like niit cycle test, niit lab@home, assignments, projects and much more..

visit ===>> http://mkniit.blogspot.in

Unknown said...

I am glad with the information that you provided, this is very useful. Thank you for posting. Such accurate blogs are very hard to find. But I have website with the same content visit to know further details on our Reliable Online Printing.

solo ads us said...

I think you have provided the best material and anyone who can do the same can do great things.