You can use our TcpDump CheatSheet for free - just follow the link below! The downloaded file can be distributed in any way.Download
Please, contact us and send your questions about cyber security - Dhound experts are always ready to help with the security of your website!
Here is the list of most popular tcpdump that Dhound team use for production network troubleshooting or capture security events.
Tcpdump is a command line network packet sniffer for Linux-based systems. Tcpdump can be installed by default in some Linux distributions (just type in command line tcpdump), overwise, install it by the command.
apt-get install tcpdump
PS. Wireshark is one of the best network sniffers for Windows-based systems.
NOTE! IP addresses specified in commands are just examples.
tcpdump -i any 'udp && src host 172.31.7.188' -vvnnS
tcpdump -i any '(udp && port 53 && dst host 172.31.7.188)' -vvnnS
tcpdump -i any '((tcp[tcpflags] == tcp-syn) && src 172.31.7.188)' -vvnnS
tcpdump -i any '(tcp = 18 and dst host 172.31.7.188)' -vvnnS
tcpdump -i any 'dst port 6379' -vvnnS -w redis.pcap
tcpdump -i any '(udp and not dst port 53 and src host 172.31.7.188)' -vvnnS
tcpdump -i any 'host 172.31.7.188' -vvnnS -w host-172-31-71-88.pcap
tcpdump -i eth0 'not (port 22 or 443 or 53 or 5672) and not arp' -nnvvS