
TECHNICAL COMMUNICATION

No. TC0506

Ed. 01

OmniPCX Enterprise

Nb of pages : 2

Date : 15-12-2003

URGENT
NOT URGENT

TEMPORARY

PERMANENT

SUBJECT : USE OF THE TOOL TCPDUMP ON OmniPCX Enterprise

1. PURPOSE

The tcpdump tool embedded on the Call Server (versions using the Linux operating system, i.e. R5.0 Lx
and R5.1) captures and displays IP packets. It can be used as a diagnostic aid. It displays the
packets in hexadecimal or semi-hexadecimal mode (certain parts in clear text and the others in
hexadecimal).
Options exist to filter the packets for particular protocols or hosts.
It can also record the capture in a file to be read later by more advanced software (a sniffer).
The file format recorded by tcpdump can be read by most of the free software on the market
(Example: ethereal, packetizer).

2. USE

tcpdump must be launched as root. For security reasons, its execution is logged in the messages
and syslog files of the Call Server.
Options can be added to the command: refer to the "man page" documentation available on the Web
or on a Unix machine on which the documentation is installed. Only some common and essential
options are given in this document.
Options

tcpdump host <a.b.c.d>                       Selecting all the traffic from and to a machine
tcpdump host <a.b.c.d> or host <k.l.m.n>     Same, but for two machines
tcpdump port <x>                             Selecting all the traffic for a specific port
tcpdump -n                                   No conversion of addresses to names (only the IP
                                             addresses are displayed)
tcpdump -v                                   "Verbose" mode (additional information)
tcpdump -x                                   Displaying each packet in hexadecimal mode
tcpdump -w /tmpd/packets                     Recording all the traffic into a file
tcpdump -c 3000 -w /tmpd/packets             Recording 3000 IP frames into a file (the program
                                             quits on packet 3001)

A few important keywords to filter the packets:

Type         host, net, port
Direction    src, dst, src or dst, src and dst
Protocol     ether, ip, udp, tcp, etc.

Consult the documentation for more information on the expressions that can be used for filtering.


Notes
The options can of course be combined:
Example: tcpdump -n host <a.b.c.d> and port 23
To read a file recorded by tcpdump in "ethereal", for example, simply launch "ethereal" and open
the recorded file (the extension of the file does not matter).
A file recorded by tcpdump can also be read by tcpdump itself:
tcpdump -r <file>
In this case, filters can also be applied:
Example: tcpdump arp -r <file>
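
Added example (not part of the original communication): a Python reader for the classic libpcap file format written by tcpdump -w, applying the IPv4 TCP/UDP part of the selection "host <a.b.c.d> and port 23" to a recorded file. The capture is constructed inline; the addresses, ports and function names are assumptions made for the illustration.

```python
import socket
import struct

def sample_frame(src, dst, sport, dport):
    """Constructed sample: Ethernet + IPv4 + TCP headers, checksums left at 0."""
    tcp = struct.pack("!HHIIBBHHH", sport, dport, 0, 0, 5 << 4, 0x18, 1024, 0, 0)
    ip = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 20 + len(tcp), 0, 0, 64, 6, 0,
                     socket.inet_aton(src), socket.inet_aton(dst))
    return b"\x00" * 12 + b"\x08\x00" + ip + tcp

def sample_pcap(frames):
    """Constructed capture: 24-byte file header, then a 16-byte header per frame."""
    out = struct.pack("<IHHiIII", 0xA1B2C3D4, 2, 4, 0, 0, 65535, 1)  # 1 = Ethernet
    for i, frame in enumerate(frames):
        out += struct.pack("<IIII", 1071446400 + i, 0, len(frame), len(frame)) + frame
    return out

def read_pcap(data):
    """Yield the raw frames of a classic pcap byte string, in either byte order."""
    order = {b"\xd4\xc3\xb2\xa1": "<", b"\xa1\xb2\xc3\xd4": ">"}.get(data[:4])
    if order is None or len(data) < 24:
        raise ValueError("not a classic pcap file")
    if struct.unpack(order + "I", data[20:24])[0] != 1:
        raise ValueError("only Ethernet captures are handled here")
    offset = 24
    while offset + 16 <= len(data):
        incl_len = struct.unpack(order + "I", data[offset + 8:offset + 12])[0]
        offset += 16
        if offset + incl_len > len(data):
            break  # capture was cut off in the middle of the last record
        yield data[offset:offset + incl_len]
        offset += incl_len

def match_host_port(frame, host, port):
    """IPv4 TCP/UDP part of the filter 'host <host> and port <port>'."""
    if len(frame) < 34 or frame[12:14] != b"\x08\x00":
        return False
    ihl = (frame[14] & 0x0F) * 4
    fragment_offset = struct.unpack("!H", frame[20:22])[0] & 0x1FFF
    if frame[23] not in (6, 17) or fragment_offset or len(frame) < 14 + ihl + 4:
        return False  # ports exist only in the first fragment of TCP/UDP
    src, dst = socket.inet_ntoa(frame[26:30]), socket.inet_ntoa(frame[30:34])
    sport, dport = struct.unpack("!HH", frame[14 + ihl:14 + ihl + 4])
    return host in (src, dst) and port in (sport, dport)

CAPTURE = sample_pcap([sample_frame("192.0.2.10", "192.0.2.1", 40000, 23),
                       sample_frame("192.0.2.1", "192.0.2.10", 23, 40000),
                       sample_frame("192.0.2.10", "192.0.2.1", 40001, 80),
                       sample_frame("192.0.2.20", "192.0.2.1", 40002, 23)])
MATCHES = [f for f in read_pcap(CAPTURE) if match_host_port(f, "192.0.2.10", 23)]
```

To use it on a real recording, pass the bytes of the file written by tcpdump -w to read_pcap instead of CAPTURE.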
