1. Capture packets in a file for a particular port
snoop -s 65536 -o /tmp/snoop.out.pcap port 22
snoop -d vnet0 -o /tmp/servername.pcap -v port 22
2. Capture packets for a particular port on a network interface (Solaris 11)
snoop -I net0 -v port 22
snoop host 192.168.1.20 port 162 # Capture packets of port 162 from remote host
snoop -I ipmp0 -v host 192.168.0.10 port 514 # Capture packets of port 514 from remote host
3. Inspect / view the snoop output capture file
snoop -i /tmp/snoop.out.pcap
4. Packet capture for the specified IPMP group. (Solaris 11)
snoop -I ipmp-group
snoop -I ipmp0
5. Capture the traffic from the host 192.168.0.10 coming through the interface ipmp0 to a file (Solaris 11)
snoop -I ipmp0 -o /tmp/snoop.out.pcap host 192.168.0.10
6. Analyse snoop output file in GUI tool Wireshark
Wireshark is the world’s foremost and most widely used network protocol analyzer.
It lets you see what’s happening on your network at a microscopic level.
Download and install the Wireshark GUI tool on our PC / laptop
snoop -s 65536 -o /tmp/snoop.out.pcap -v port 22
Copy the snoop output file to our PC / laptop
Right-click the .pcap file and open it with Wireshark
Now we can view the captured packets in the Wireshark GUI tool with full details.
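Wireshark recognises a capture by its content, not its extension: `snoop -o` writes the RFC 1761 snoop format even when the file is named `.pcap`, while tcpdump writes pcap. The Python below is an added example, not part of the original post; it identifies the format by its magic bytes and walks the snoop records, flagging frames cut short by the `-s` snap length and reporting the drop counter. The sample bytes and the `_record` helper are constructed for illustration.

```python
import struct

SNOOP_MAGIC = b"snoop\x00\x00\x00"   # RFC 1761 identification pattern
PCAP_MAGICS = {b"\xa1\xb2\xc3\xd4", b"\xd4\xc3\xb2\xa1"}  # classic pcap, both byte orders
PCAPNG_MAGIC = b"\x0a\x0d\x0d\x0a"   # pcapng section header block

def capture_format(data):
    """Identify a capture by its leading magic bytes, ignoring the file name."""
    if data[:8] == SNOOP_MAGIC:
        return "snoop"
    if data[:4] in PCAP_MAGICS:
        return "pcap"
    if data[:4] == PCAPNG_MAGIC:
        return "pcapng"
    return "unknown"

def read_snoop(data):
    """Parse an RFC 1761 capture; return (datalink_type, list of record dicts)."""
    if capture_format(data) != "snoop" or len(data) < 16:
        raise ValueError("not an RFC 1761 snoop capture")
    version, datalink = struct.unpack_from(">II", data, 8)
    if version != 2:
        raise ValueError("unsupported snoop version %d" % version)
    records, offset = [], 16
    while offset < len(data):
        if offset + 24 > len(data):
            raise ValueError("truncated record header at offset %d" % offset)
        orig, incl, rec_len, drops, sec, usec = struct.unpack_from(">6I", data, offset)
        if rec_len < 24 + incl or offset + rec_len > len(data):
            raise ValueError("corrupt or truncated record at offset %d" % offset)
        records.append({
            "sec": sec, "usec": usec, "orig_len": orig, "incl_len": incl,
            "truncated": incl < orig,   # frame was cut by the -s snap length
            "drops": drops,             # cumulative packets lost by the capture
            "frame": data[offset + 24:offset + 24 + incl],
        })
        offset += rec_len               # rec_len includes padding to 4 bytes
    return datalink, records

def _record(orig_len, frame, drops, sec, usec):
    """Build one constructed record (hypothetical helper for the sample only)."""
    pad = -len(frame) % 4
    header = struct.pack(">6I", orig_len, len(frame), 24 + len(frame) + pad, drops, sec, usec)
    return header + frame + b"\x00" * pad

# Constructed sample: version 2, datalink 4 (Ethernet), one full and one cut frame.
SAMPLE = (SNOOP_MAGIC + struct.pack(">II", 2, 4)
          + _record(62, bytes(62), 0, 1700000000, 250)
          + _record(1514, bytes(68), 3, 1700000001, 900))
```

A non-zero `drops` value or a `truncated` record means the capture is incomplete, which matters before drawing conclusions from it.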
Linux Tcpdump
1. Capture the traffic from the host 192.168.0.10 coming through the interface ens190 to a file
tcpdump -w /tmp/tcpdump_out.pcap -i ens190 src 192.168.0.10
2. Read the Captured Packets from File
tcpdump -r /tmp/tcpdump_out.pcap | head -100
3. Check connectivity using the nc command in Linux
nc -v -z -w 5 judi-dev-01 1521
~Judi~