Main Contents

sniffing traffic

February 26, 2010

I was debugging an application at work the other day and needed to monitor tcp network traffic on ports 80 and 8080 from one of our servers to another server. I fired up tcp dump on the server with the following command:

>tcpdump -Xvnes 0 -w /tmp/capture.log 'tcp and host and (port 8080 or port 80)'

Replace with the real ip of the destination server. This created a dump file at /tmp/capture.log that I could then load up in wireshark for analysis.

Filed under: Computers | Comments (0)

Leave a comment