Question

TCP dump and Wireshark

  1. If I am using the following command, what additional information can be captured, and how many packets will be captured? (#tcpdump -i eth3 -nn -e host 8.8.8.8 and icmp -c 5)

  2. One of the most important caveats to consider is to not run packet search commands when the CPU utilization is “high.” What does the speaker suggest is a “high” CPU utilization?

  3. If you want to SAVE CAPTURED DATA to view it in Wireshark, what would be the command?

Homework Answers

Answer #1

The speaker suggests that “high” CPU utilization is using SecureXL

Syntax
*********

#tcpdump -i <interface-name> -nn -vv host <host-ip> and port <port-number> -c <number-of-packets-to-capture> > /var/log/capture.txt

Save Captured Data command/s

tcpdump -i eth3 -nn -vv host 10.11.12.12 and port 80 -c 5 > /var/log/capture.txt

tcpdump -i eth3 -nn -vv host 10.11.12.12 and port 80 -c 5 -w /var/log/capture.cap

If you have any doubt, please ask me without any hesitation in the comment section below. If you like my answer, please give it a thumbs up. Before giving a thumbs down, please discuss the question; it may be possible that we understand the question in a different way, and I can edit and change the answers if you argue. Thanks :)
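
The two save commands in the answer above leave different kinds of file behind: `>` stores tcpdump's printed text, while `-w` stores the raw packets in capture format, which is what Wireshark opens directly. The following is an added example, not part of the original answer, that tells the two apart by the file's first four bytes; the function names, file names and sample contents are constructed for illustration.

```shell
#!/bin/sh
# Added example: classify a saved capture by its first four bytes (file magic).
# File names and sample contents below are constructed for illustration.

capture_kind() {
    # od -N4 reads only the first 4 bytes; tr strips the padding od adds.
    magic=$(od -An -tx1 -N4 "$1" | tr -d ' \n')
    case "$magic" in
        d4c3b2a1|a1b2c3d4) echo pcap ;;       # classic pcap, microsecond timestamps
        4d3cb2a1|a1b23c4d) echo pcap-nsec ;;  # classic pcap, nanosecond timestamps
        0a0d0d0a)          echo pcapng ;;     # pcapng section header block
        '')                echo empty ;;      # nothing was written
        *)                 echo text ;;       # e.g. tcpdump output redirected with '>'
    esac
}

make_samples() {
    # $1 = directory to write the constructed sample files into.
    # What '> capture.txt' leaves behind: printed lines, not packets.
    printf '%s\n' '12:00:00.000001 IP 10.11.12.12.80 > 192.0.2.7.51000: Flags [S.], length 0' \
        > "$1/capture.txt"
    # What '-w capture.cap' starts with: a 24-byte little-endian pcap global header
    # (magic, version 2.4, zone 0, sigfigs 0, snaplen 262144, linktype 1 = Ethernet).
    printf '\324\303\262\241\002\000\004\000\000\000\000\000\000\000\000\000\000\000\004\000\001\000\000\000' \
        > "$1/capture.cap"
    # A capture that was started but wrote nothing.
    : > "$1/empty.cap"
}

dir=$(mktemp -d)
make_samples "$dir"
for f in capture.txt capture.cap empty.cap; do
    printf '%-12s %s\n' "$f" "$(capture_kind "$dir/$f")"
done
rm -rf "$dir"
```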
