Question


TCP dump and wireshark

  1. If I am using the following command, what additional information can be captured, and how many packets will be captured? (#tcpdump -i eth3 -nn -e host 8.8.8.8 and icmp -c 5)

  2. One of the most important caveats to consider is to not run packet search commands when the CPU utilization is “high.” What does the speaker suggest is a “high” CPU utilization?

  3. If you want to SAVE CAPTURED DATA to view it in WireShark, what would be the command?

Homework Answers

Answer #1

The speaker suggests that “high” CPU utilization is using SecureXL

Syntax
*********

#tcpdump -i <interface-name> -nn -vv host <host-ip> and port <port-number> -c <number-of-packets-to-capture> > /var/log/capture.txt

Save Captured Data command/s

tcpdump -i eth3 -nn -vv host 10.11.12.12 and port 80 -c 5 > /var/log/capture.txt

tcpdump -i eth3 -nn -vv host 10.11.12.12 and port 80 -c 5 -w /var/log/capture.cap

If you have any doubt, please ask me without any hesitation in the comment section below. If you like my answer, please give it a thumbs up. Before giving a thumbs down, please discuss the question; it is possible that we understood the question in a different way, and I can edit and change the answers if you argue. Thanks :)
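
An added example, not part of the original answer: the `-w` command above writes a binary pcap file, while the `>` command saves tcpdump's printed text. The Python sketch below rejects files that lack the pcap magic number and extracts the link-layer fields that the `-e` flag in the question's command prints. It assumes the classic pcap format with microsecond timestamps; the capture bytes, MAC addresses and source IP are constructed.

```python
import socket
import struct

def build_sample_capture():
    """Constructed sample: a pcap holding one ICMP echo request to 8.8.8.8."""
    eth = bytes.fromhex("00005e005301" "020000000001" "0800")  # dst MAC, src MAC, IPv4
    ip = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 28, 1, 0, 64, 1, 0,  # checksum left 0
                     socket.inet_aton("192.0.2.10"), socket.inet_aton("8.8.8.8"))
    icmp = struct.pack("!BBHHH", 8, 0, 0xF7FD, 1, 1)  # echo request, id 1, seq 1
    frame = eth + ip + icmp
    file_hdr = struct.pack("<IHHiIII", 0xA1B2C3D4, 2, 4, 0, 0, 262144, 1)  # Ethernet
    rec_hdr = struct.pack("<IIII", 0, 0, len(frame), len(frame))
    return file_hdr + rec_hdr + frame

def read_frames(data):
    """Return raw frames from a classic pcap; reject anything else (e.g. text)."""
    if data[:4] == b"\xd4\xc3\xb2\xa1":
        end = "<"
    elif data[:4] == b"\xa1\xb2\xc3\xd4":
        end = ">"
    else:
        raise ValueError("no pcap magic number: not a -w capture file")
    if len(data) < 24 or struct.unpack(end + "I", data[20:24])[0] != 1:
        raise ValueError("truncated header or non-Ethernet link type")
    frames, off = [], 24
    while off + 16 <= len(data):
        incl_len = struct.unpack(end + "IIII", data[off:off + 16])[2]
        if off + 16 + incl_len > len(data):
            break  # truncated final record, e.g. capture interrupted mid-write
        frames.append(data[off + 16:off + 16 + incl_len])
        off += 16 + incl_len
    return frames

def describe(frame):
    """Link-layer fields that -e prints, plus IPv4 addresses and ICMP type."""
    if len(frame) < 14:
        raise ValueError("frame shorter than an Ethernet header")
    mac = lambda b: ":".join(f"{x:02x}" for x in b)
    etype = struct.unpack("!H", frame[12:14])[0]
    info = {"dst_mac": mac(frame[0:6]), "src_mac": mac(frame[6:12]),
            "ethertype": f"0x{etype:04x}"}
    if etype == 0x0800 and len(frame) >= 34:
        ihl = (frame[14] & 0x0F) * 4
        info["src_ip"] = socket.inet_ntoa(frame[26:30])
        info["dst_ip"] = socket.inet_ntoa(frame[30:34])
        if frame[23] == 1 and len(frame) > 14 + ihl:
            info["icmp_type"] = frame[14 + ihl]
    return info

if __name__ == "__main__":
    for f in read_frames(build_sample_capture()):
        print(describe(f))
```
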
