Taking TCP Dump
1. Start capture
On a server
# sudo /usr/sbin/tcpdump -s0 -X -x -i eth0 -vvv -w /tmp/test.trc
On a virtualized or balanced server
# sudo /usr/sbin/tcpdump -s0 -X -x -i eth1 -vvv -w /tmp/test.trc
2. Stop capture
Press ^C to stop
3. Convert the file format
# strings /tmp/test.trc > /tmp/test.txt
4. Get the dump file
Use a file transfer client (Filezilla / WinSCP)
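
Added example (not part of the original post): strings in step 3 keeps only the printable runs, so packet boundaries and timestamps are lost. The Python below reads the capture file directly and emits one text line per packet; it assumes tcpdump wrote the classic pcap format, and the names parse_pcap, to_text and SAMPLE are made up for this illustration.

```python
import struct

# Magic bytes as stored on disk -> (struct byte order, timestamp units per second)
PCAP_MAGICS = {
    b"\xd4\xc3\xb2\xa1": ("<", 1_000_000),      # little-endian, microseconds
    b"\xa1\xb2\xc3\xd4": (">", 1_000_000),      # big-endian, microseconds
    b"\x4d\x3c\xb2\xa1": ("<", 1_000_000_000),  # little-endian, nanoseconds
    b"\xa1\xb2\x3c\x4d": (">", 1_000_000_000),  # big-endian, nanoseconds
}

def parse_pcap(data):
    """Yield (timestamp, captured_bytes, original_length) for each packet record."""
    if len(data) < 24 or data[:4] not in PCAP_MAGICS:
        raise ValueError("not a classic pcap file")
    endian, units = PCAP_MAGICS[data[:4]]
    offset = 24                                  # skip the 24-byte global header
    while offset + 16 <= len(data):
        sec, sub, incl, orig = struct.unpack(endian + "IIII", data[offset:offset + 16])
        offset += 16
        if incl > len(data) - offset:
            break                                # last record cut short: stop cleanly
        yield sec + sub / units, data[offset:offset + incl], orig
        offset += incl

def to_text(data):
    """Return one line per packet: number, timestamp, captured/original length, printable bytes."""
    lines = []
    for n, (ts, pkt, orig) in enumerate(parse_pcap(data), 1):
        printable = "".join(chr(b) if 32 <= b < 127 else "." for b in pkt)
        lines.append(f"{n} {ts:.6f} {len(pkt)}/{orig} {printable}")
    return lines

def _record(sec, usec, payload):
    """Build one little-endian pcap record (used only for the constructed sample)."""
    return struct.pack("<IIII", sec, usec, len(payload), len(payload)) + payload

# Constructed sample: a global header plus two fake records, not real traffic.
SAMPLE = (
    struct.pack("<IHHiIII", 0xA1B2C3D4, 2, 4, 0, 0, 262144, 1)
    + _record(1700000000, 250000, b"\x00\x01GET / HTTP/1.1\r\n")
    + _record(1700000001, 0, b"\xffHTTP/1.1 200 OK\r\n")
)

if __name__ == "__main__":
    print("\n".join(to_text(SAMPLE)))
```

To run it on the real capture, pass the bytes of /tmp/test.trc to to_text() in place of SAMPLE.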