From the course: Network Forensics


tcpdump and WinDump hands-on

- [Narrator] Imagine that I'd like to intercept all the Secure Shell traffic on my Ubuntu operating system, or OS. To accomplish this goal, type sudo tcpdump -s 0 port ssh. -s 0 here is an option that allows me to capture an entire packet. Port ssh indicates that I'm only interested in packets coming in and going out of my local Secure Shell server. Press Enter. Type the password. By pressing Enter, I just executed this command. Now tcpdump is waiting for a Secure Shell packet to appear. To generate the packets of our interest, I can open a terminal window on another VM and sign on to the Secure Shell server. Type ssh, space, the user name instructor@, the IP address of the Secure Shell server, which is 10.35.4.150, and press Enter. Type the password. Now you're successfully signed on to the remote Secure Shell server. Here you can see the packets being exchanged in the tcpdump terminal. Now let me quit tcpdump. In this example I sent the tcpdump output to my terminal window so that you could see…
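The capture above scrolls every SSH packet past the terminal. As an added example (not part of the course), this POSIX shell function reduces tcpdump's text output to a per-client packet and byte count, the summary an analyst typically wants from a port ssh capture. It assumes tcpdump was run with -n (numeric host.port addresses) and uses constructed sample lines built around the lesson's server 10.35.4.150 with made-up client addresses.

```shell
#!/bin/sh
# Added example, not from the course. Constructed sample of what
# `sudo tcpdump -n -s 0 port ssh` prints; the clients 10.35.4.151 and
# 10.35.4.152 are made up, 10.35.4.150 is the lesson's SSH server.
SAMPLE_TCPDUMP='12:00:01.000001 IP 10.35.4.151.53422 > 10.35.4.150.22: Flags [S], seq 1, win 64240, length 0
12:00:01.000200 IP 10.35.4.150.22 > 10.35.4.151.53422: Flags [S.], seq 2, ack 2, win 65160, length 0
12:00:01.000300 IP 10.35.4.151.53422 > 10.35.4.150.22: Flags [.], ack 3, win 502, length 0
12:00:01.050000 IP 10.35.4.150.22 > 10.35.4.151.53422: Flags [P.], seq 2:43, ack 3, win 509, length 41
12:00:03.000000 IP 10.35.4.152.40100 > 10.35.4.150.22: Flags [S], seq 9, win 64240, length 0'

# Reads tcpdump -n text lines on stdin and prints one line per client:
#   "<client-ip> <server-ip> <packets> <payload-bytes>", sorted by client.
# Whichever side uses port 22 is treated as the server; the other side is
# the client. Non-IP lines (ARP, IPv6 in this format) are skipped.
summarize_ssh_flows() {
  awk '
    $2 == "IP" {
      src = $3; dst = $5; sub(/:$/, "", dst)
      len = $NF + 0                      # "length N" is always the last field
      if (dst ~ /\.22$/)      { client = src; server = dst }
      else if (src ~ /\.22$/) { client = dst; server = src }
      else next                          # port ssh filter should prevent this
      sub(/\.[0-9]+$/, "", client)       # drop the ephemeral client port
      sub(/\.22$/, "", server)           # drop the fixed server port
      key = client " " server
      pkts[key]++; bytes[key] += len
    }
    END { for (k in pkts) print k, pkts[k], bytes[k] }
  ' | sort
}

# Stand-alone run over the constructed sample; with a live capture you would
# instead pipe `sudo tcpdump -n -l -s 0 port ssh` into the function.
printf '%s\n' "$SAMPLE_TCPDUMP" | summarize_ssh_flows
```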
