Packet_Capture - After executing the command all packets...

Packet Capture Chapter 8A
Capturing Network Traffic

Viewing captured network traffic can enhance understanding of the protocols being used.
Network sniffers, which capture network traffic, can also be a security concern when used in an unauthorized manner.
Various programs can be used to capture network traffic.

WinDump and TCPDump

WinDump and TCPDump are both packet capture and analysis programs.
These programs capture packets entering and leaving the specified computer interface.
TCPDump is the Unix/Linux version.
WinDump is the Windows version.
Before WinDump can be run on a system, the program WinPcap must be installed.

WinDump

WinDump is run from the Windows command prompt.
The form of the command is:

    WinDump options

Example:

    WinDump -i2 -c40

After executing the command, all packets that enter or exit the designated interface will be displayed on the screen.
Packet capture can be terminated by pressing CTRL-C.

WinDump Options

Some example WinDump options are:

    -i 1, -i 2     Specify interface 1 or 2. In many cases interface 2 is the primary interface.
    -c n           Where n is the number of packets you wish to capture.
    -n             Don't convert IP addresses to host names.

WinDump Options

Other options include:

    -v             Verbose output
    -w filename    Write output to a file
    -r filename    Read packets from a file instead of capturing directly
    -x             Output should be in hex

There are many more options...
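
Added example (not part of the original slides): a Windows command-prompt session that combines the options listed above into a capture-then-review workflow. The file name capture.pcap is a constructed placeholder, interface 2 is assumed to be the primary interface as the slides suggest, and -D (list interfaces) is a WinDump option the slides do not mention.

```bat
rem List the capture interfaces with their numbers; use the number with -i.
WinDump -D

rem Capture 40 packets on interface 2 without resolving IP addresses to names,
rem and save them to a file. With -w the packets are stored in raw capture
rem format rather than as the text normally printed to the screen.
WinDump -i 2 -c 40 -n -w capture.pcap

rem Read the saved packets back instead of capturing live, decoding them
rem verbosely and printing each packet in hex for offline analysis.
WinDump -r capture.pcap -n -v -x
```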