
Finally, in this section you will practice using tcpdump and Wireshark, two software applications for packet capture and packet analysis. Using these applications, we can capture raw network data as it arrives at or leaves any host in our experiments, save the raw network packets in a file, and analyze the packets in this file in order to gain insight into network protocols and their behavior. You will use these utilities in every lab exercise for the remainder of the course.

Exercise - Capture network traffic with tcpdump

Both Wireshark and tcpdump can be used to capture packets from a live network. However, tcpdump is a terminal-based application while Wireshark has a graphical user interface. Since we have terminal-based SSH sessions on our remote hosts, we will use tcpdump to capture network packets. Note that despite its name, tcpdump does not only capture TCP packets - it captures all types of packets! We will start by learning how to use tcpdump to capture all network packets arriving at or leaving a particular network interface.

When using tcpdump, we will use the -i argument to specify the name of the interface that we want to capture traffic on.

(Note that you don't need special privileges to print back packet summaries from a file, only to capture live traffic from a network interface! That's why you didn't need sudo for this command.)

In most cases, though, you will want to do a more in-depth analysis using Wireshark on your laptop.

Open a new terminal pane and use scp to transfer the file to your own laptop.
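To show why reading a saved capture needs no special privileges, here is an added example (not part of the original lab material) that parses a capture file as plain bytes and prints one summary line per packet, including non-TCP traffic. It assumes the classic libpcap file format with an Ethernet link type; the sample frames, addresses and timestamps are constructed.

```python
import socket
import struct

PROTOCOLS = {1: "ICMP", 6: "TCP", 17: "UDP"}  # IPv4 protocol numbers

def make_frame(src, dst, proto):
    """Build a constructed Ethernet + IPv4 frame (headers only, checksum left 0)."""
    eth = bytes(6) + bytes(6) + struct.pack("!H", 0x0800)  # EtherType: IPv4
    ip = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 20, 0, 0, 64, proto, 0,
                     socket.inet_aton(src), socket.inet_aton(dst))
    return eth + ip

def make_pcap(frames):
    """Lay frames out as a classic little-endian pcap file (link type 1 = Ethernet)."""
    out = struct.pack("<IHHiIII", 0xA1B2C3D4, 2, 4, 0, 0, 65535, 1)
    for i, frame in enumerate(frames):
        out += struct.pack("<IIII", 1700000000 + i, 0, len(frame), len(frame)) + frame
    return out

def summarize(pcap):
    """Return one summary line per packet in a saved capture."""
    magic = pcap[:4]
    if magic == b"\xd4\xc3\xb2\xa1":
        endian = "<"
    elif magic == b"\xa1\xb2\xc3\xd4":
        endian = ">"
    else:
        raise ValueError("not a classic pcap file")
    if struct.unpack(endian + "I", pcap[20:24])[0] != 1:
        raise ValueError("only Ethernet captures are handled here")
    lines, offset = [], 24  # packet records start after the 24-byte file header
    while offset + 16 <= len(pcap):
        ts, _usec, caplen, _origlen = struct.unpack(endian + "IIII", pcap[offset:offset + 16])
        frame = pcap[offset + 16:offset + 16 + caplen]
        offset += 16 + caplen
        ethertype = struct.unpack("!H", frame[12:14])[0] if len(frame) >= 14 else None
        if ethertype != 0x0800 or len(frame) < 34:
            lines.append(f"{ts} non-IPv4 or truncated frame ({len(frame)} bytes)")
            continue
        proto = frame[23]  # protocol field, byte 9 of the IPv4 header
        src, dst = socket.inet_ntoa(frame[26:30]), socket.inet_ntoa(frame[30:34])
        lines.append(f"{ts} {src} > {dst} {PROTOCOLS.get(proto, f'proto {proto}')}")
    return lines

# Constructed sample capture: one ICMP, one UDP and one TCP packet.
SAMPLE = make_pcap([make_frame("10.0.0.1", "10.0.0.2", p) for p in (1, 17, 6)])

if __name__ == "__main__":
    print("\n".join(summarize(SAMPLE)))
```

To run it against a real capture, pass the file's bytes to `summarize`, for example `summarize(open(path, "rb").read())`.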
