From the course: Penetration Testing Essential Training
Capturing packets with tcpdump - Linux Tutorial
- [Narrator] One of the more useful tools when testing our systems is tcpdump, which we can use to capture TCP packets that are transmitted on the local network. We need to make sure, when we're trying to capture packets that are traveling between other hosts on the network, that we've got promiscuous mode set. This is set in the virtual machine configuration under Network, Advanced. And as we can see here, we have it set to allow all. tcpdump is a command line tool and is included in the Linux distribution. It has some basic command line options. We can check tcpdump -D to show the list of interfaces that we can select for capturing traffic. We can use any to capture all traffic on all interfaces. We can also use the -c switch to limit the number of packets we capture to just 10. We need root privileges to run tcpdump when we're capturing packets, so we'll type sudo tcpdump -i any -c 10. We can use the -n switch to suppress host name resolution and -nn suppresses both host name…