How To Specify Host, Port and Protocol For Tcpdump?


Tcpdump is an everyday tool used by system and network administrators. The most common use cases are simple host, port and protocol filters. In this tutorial we will look at how to filter by host, port and protocol in tcpdump. Keep in mind that tcpdump requires administrator or root privileges. We can use the root account or the sudo command to gain root privileges.

Specify Host Name

Tcpdump can resolve host names like regular tools. We can specify a host name, but the host name must be resolvable. In this example we will capture traffic from poftut.com. We will use the host option like below.

Specify IP Address

The IP address of the target can be provided to tcpdump like below. In this example we will capture packets from 192.168.122.10.

Specify Port

We can specify the port number with the port option. This will capture all traffic related to that port number from the target and our local system. In this example we want to capture HTTP traffic, which uses port number 80.

Specify Destination Port

We can specify only the destination port number with the dst port option. In this example we will filter the target's HTTPS port.

Specify Source Port

If we want to troubleshoot the local system, we can specify the local system port with src port and the port number. In this example we will capture the local SMTP port.

Capture HTTP

We can capture HTTP traffic with the following command.

Capture SMTP

We can capture SMTP traffic with the following command. This will provide mail traffic.

Capture HTTPS

We can capture HTTPS traffic with the following command, but keep in mind the data will be encrypted.

Capture DNS

We can capture DNS traffic with the following command.

Capture SSH

We can capture the SSH port with the following command. SSH is an encrypted protocol.

Capture Telnet

We can capture the telnet port with the following command. As telnet is a clear-text protocol, we can sniff user names and passwords by capturing telnet traffic.

Capture VNC

VNC is a remote desktop protocol mainly used on Linux systems. We can capture the VNC port like below.

Capture RDP

We can capture the RDP port like below.
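
The host, port and direction primitives from the sections above can be combined into one filter expression with `and`. The script below is an added example, not code from the original page: it only builds the filter strings and prints the matching tcpdump commands, so it runs without root. The function names, the service-to-port table (IANA default ports) and the `eth0` interface are assumptions of the example.

```shell
#!/bin/sh
# Added example: builds tcpdump filter strings only, captures nothing.

# Map a service name to its default port (IANA assignments).
service_port() {
    case "$1" in
        http) echo 80 ;;    https) echo 443 ;;
        smtp) echo 25 ;;    dns) echo 53 ;;
        ssh) echo 22 ;;     telnet) echo 23 ;;
        vnc) echo 5900 ;;   rdp) echo 3389 ;;
        *[!0-9]*|'') return 1 ;;  # neither a known name nor a number
        *) echo "$1" ;;           # already a port number
    esac
}

# build_filter HOST DIRECTION SERVICE ("" means "any" for each argument).
# DIRECTION is "src" or "dst" and applies to the port, as in the tutorial.
build_filter() {
    host=$1 dir=$2 svc=$3 expr=
    case "$dir" in
        ''|src|dst) ;;
        *) echo "bad direction: $dir" >&2; return 1 ;;
    esac
    # Allow only host-name/address characters so the value cannot carry
    # extra filter primitives or shell syntax.
    case "$host" in
        *[!A-Za-z0-9.:-]*) echo "bad host: $host" >&2; return 1 ;;
    esac
    [ -n "$host" ] && expr="host $host"
    if [ -n "$svc" ]; then
        port=$(service_port "$svc") || { echo "bad service: $svc" >&2; return 1; }
        [ "$port" -ge 1 ] 2>/dev/null && [ "$port" -le 65535 ] ||
            { echo "bad port: $port" >&2; return 1; }
        expr="${expr:+$expr and }${dir:+$dir }port $port"
    fi
    echo "$expr"
}

# Print the command to run. -n disables name resolution in the output;
# the interface name eth0 is an assumed default.
capture_cmd() {
    filter=$(build_filter "$@") || return 1
    echo "sudo tcpdump -n -i ${IFACE:-eth0} '$filter'"
}

capture_cmd poftut.com "" ""        # host only
capture_cmd 192.168.122.10 "" http  # host and port 80
capture_cmd "" dst https            # destination port 443
capture_cmd "" src smtp             # source port 25
```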
