From the course: Penetration Testing Essential Training (2021)


Capture packets with tcpdump

- [Instructor] One of the more useful tools when testing Linux systems is tcpdump, which we can use to capture TCP packets that are transmitted on the local network. While more advanced tools such as Wireshark are ideal for displaying and analyzing packets, tcpdump is a raw capture tool, which comes into its own when doing remote captures. You'll need to make sure, when you're trying to capture packets from other hosts on the network, that you've got promiscuous mode set. This is set in the virtual machine configuration, under Network, Advanced. Let's set it. tcpdump is a command-line tool and is included in the Linux distribution. It has some basic command-line options. -D is used to show the list of interfaces. We can use -i to specify the interface to listen on. A common use is -i any to listen on all interfaces, or -i eth0 to listen just on eth0, the Ethernet port. -c, this is…
