SIP Capture with TCPDump

From Kolmisoft Wiki
Jump to navigationJump to search



About

Tcpdump, a powerful command-line packet analyzer already installed and working on your system by default.

How to use it?


Login to your server over ssh and put this command into terminal: 

tcpdump -i eth0 -n -s 0 port 5060 -vvv -w /home/capture_file_name

Packets will be saved to directory /home/capture_file_name

You can send captured file capture.pcap from your server to your PC and open with Wireshark GUI and analyse the packets.

Full command explaining


You can find full command explanation here:

http://nil.uniza.sk/network-security/analyzers/using-tcpdump-sip-diagnostic

See also

Retrieved from "https://wiki.kolmisoft.com/index.php?title=SIP_Capture_with_TCPDump&oldid=13141"