This shows you the differences between two versions of the page.
linux:tcpip [2019/01/21 11:21] seanburns created |
— (current) | ||
---|---|---|---|
Line 1: | Line 1: | ||
- | < | ||
- | # TCP/IP Notes, Chapter 11 | ||
- | ## Date: Mon Oct 12 2018 | ||
- | Let's take a look at | ||
- | |||
- | **IPTRAF: Interactive colorful IP lan monitor** | ||
- | |||
- | ``sudo iptraf-ng`` | ||
- | |||
- | **IFTOP: Display bandwidth usage on an interface by host** | ||
- | |||
- | ``sudo iftop -i enp0s3`` | ||
- | |||
- | **tcpick: TCP stream sniffer and connection tracker** | ||
- | |||
- | ```bash | ||
- | sudo tcpick -i enp0s3 | ||
- | sudo tcpick -i enp0s3 -C -h -a | ||
- | sudo tcpick -i enp0s3 -C -yP -h -a "port 80" | ||
- | w3m http:// | ||
- | w3m http:// | ||
- | sudo tcpick -i enp0s3 -C -yP -h -a "port 443" | ||
- | sudo tcpick -i enp0s3 -C -yP -h -a "port 22" | ||
- | ``` | ||
- | |||
- | **NMAP: Network exploration tool and security / port scanner** | ||
- | |||
- | |||
- | ```bash | ||
- | sudo nmap 10.163.36.80 | ||
- | sudo nmap -O 10.163.36.80 | ||
- | ``` | ||
- | |||
- | Don't do this on a public network: | ||
- | |||
- | ```bash | ||
- | ifconfig | ||
- | sudo nmap -sP 10.163.36.0/ | ||
- | ``` | ||
- | |||
- | **tcpdump: Dump traffic on a network** | ||
- | |||
- | ```bash | ||
- | sudo tcpdump host 10.163.36.80 | ||
- | to my machine machine | ||
- | ``` | ||
- | |||
- | Exit out of host machine -- launch this from one machine on host machine, and | ||
- | then on a separate machine, use w3m to visit the host machine: | ||
- | |||
- | ```bash | ||
- | sudo tcpdump src 10.163.36.80 | ||
- | sudo tcpdump dst 10.163.36.80 | ||
- | sudo tcpdump port 80 -w http.pcap | ||
- | ``` | ||
- | </ |
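Review bot: in the tcpdump block, the line `to my machine machine` sits inside the bash fence with no comment marker, so anyone pasting the block would run it as a command; prefix it with `#` or move it into the prose around the fence, and drop the doubled "machine". In the nmap block, `-sP` is the older spelling of the host-discovery option that current nmap documents as `-sn`. The "Don't do this on a public network" line would also be clearer if it said the sweep belongs only on a network you administer or are authorized to scan.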