david/netsec-djw2
Archived
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
This repository has been archived on 2025-04-28. You can view files and clone it, but cannot push or open issues or pull requests.
be69ad8b7a
netsec-djw2/hw2
History
David Westgate be69ad8b7a rename hw2
2024-05-11 10:48:10 -07:00
..
hw2.md rename hw2 2024-05-11 10:48:10 -07:00
README.md hw2 2024-04-27 14:50:19 -07:00
t1.md hw2 2024-04-27 14:50:19 -07:00
t2.md hw2 2024-04-27 14:50:19 -07:00
t3.md hw2 2024-04-27 14:50:19 -07:00

README.md

Homework 2 - tcpdump

For each TCP dump below, I will show the command used, and the output of 10 packets

tcpdump to capture only DNS packets

Command

sudo tcpdump -c 10 -tt -XX -v -i any 'tcp port 53 or udp port 53'

Result

t1.md

tcpdump to capture TCP packets destined for either port 443 or 8080, originating from my computer

Command

sudo tcpdump -c 10 -tt -XX -v -i any 'tcp and src host 10.0.2.15 and (dst port 443 or dst port 8080)'

Result

t2.md

tcpdump capture where traffic is either UDP or TCP, inbound to my computer, and destined to a port in range 20000 to 35000

Command

sudo tcpdump -c 10 -tt -XX -v -i any 'dst host 10.0.2.15 and (tcp or udp) and dst portrange 20000-35000'

Result

t3.md