linux:tcpip

Differences

This shows you the differences between two versions of the page.

linux:tcpip [2019/01/21 11:21]
seanburns created
— (current)
Line 1: Line 1:
-<markdown> 
-# TCP/IP Notes, Chapter 11 
-## Date: Mon Oct  12 2018 
  
-Let's take a look at 
- 
-**IPTRAF: Interactive colorful IP lan monitor** 
- 
-``sudo iptraf-ng`` 
- 
-**IFTOP: Display bandwidth usage on an interface by host** 
- 
-``sudo iftop -i enp0s3`` 
- 
-**tcpick: TCP stream sniffer and connection tracker** 
- 
-```bash 
-sudo tcpick -i enp0s3 
-sudo tcpick -i enp0s3 -C -h -a             
-sudo tcpick -i enp0s3 -C -yP -h -a "port 80" 
-  w3m http://10.163.36.69/~sean/ 
-  w3m http://10.163.36.69/ 
-sudo tcpick -i enp0s3 -C -yP -h -a "port 443" 
-sudo tcpick -i enp0s3 -C -yP -h -a "port 22" 
-``` 
- 
-**NMAP: Network exploration tool and security / port scanner** 
- 
- 
-```bash 
-sudo nmap 10.163.36.80                  # List open ports 
-sudo nmap -O 10.163.36.80               # List open ports, enable OS detection 
-``` 
- 
-Don't do this on a public network: 
- 
-```bash 
-ifconfig                                # identify network ID and Mask 
-sudo nmap -sP 10.163.36.0/24            # map network or subnet 
-``` 
- 
-**tcpdump: Dump traffic on a network** 
- 
-```bash 
-sudo tcpdump host 10.163.36.80          # see all packets leaving and coming 
-                                          to my machine machine 
-``` 
- 
-Exit out of host machine -- launch this from one machine on host machine, and 
-then on a separate machine, use w3m to visit the host machine: 
- 
-```bash 
-sudo tcpdump src 10.163.36.80           # see packets leaving my machine 
-sudo tcpdump dst 10.163.36.80           # see packets coming to my machine 
-sudo tcpdump port 80 -w http.pcap       # save all http traffic to http.pcap file 
-``` 
-</markdown> 
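Review bot: in the removed tcpdump block, the comment on `sudo tcpdump host 10.163.36.80` wraps onto a second line (`to my machine machine`) that has no `#`, so anyone pasting the block would run that line as a command, and "machine" is doubled. If these notes are being restored or moved rather than dropped, put the comment on one line or prefix the continuation with `#`. The indented `w3m http://10.163.36.69/...` lines inside the tcpick block have the same problem: they are meant to be run from a second terminal to generate traffic, so they should be marked as such in a comment or moved out of the capture commands.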
linux/tcpip.1548087665.txt.gz · Last modified: 2019/01/21 11:21 by seanburns