[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

RE: netstat ?



>>
>> In <SNT125-W503AD2F570F2C86CE7A4AFDB410@phx.gbl>, Hadi Motamedi
>> wrote:
>> >My Debian server is at @172.16.128.1 and the remote network
>> element is at
>> > @172.16.4.1 ,
>
> Thank you for your reply . Sorry , you mean the tcpdump can be used
> to monitor the exchanged packets toward an spesific ip address ? I
> thought that it can just monitor all of the packets on my eth0 and
> then I need to find the dedicated port to try to filter with . If it
> can do that , please provide me with an example on how to use it to
> monitor for an specific ip address ?



>From your server (as root) the following command will dump traffic
data to/from the remote network elemnt.

    tcpdump host 172.16.4.1

If you want to see the payload of each packet in hex and ascii (from
previous posts I'm guessing you do)

    tcpdump host 172.16.4.1 -XX

if you want to save the data in a file for later analysis

    tcpdump host 172.16.4.1 -XX >> somefile

******

if you want to know why you are doing this

    man tcpdump

Regards, Tim.




Reply to: