Latest revision as of 05:28, 3 May 2012

About

Tcpdump, a powerful command-line packet analyzer already installed and working on your system by default.

Login to your server over ssh and put this command into terminal:

tcpdump -i eth0 -n -s 0 port 5060 -vvv -w /home/capture_file_name

Packets will be saved to directory /home/capture_file_name

You can send captured file capture.pcap from your server to your PC and open with Wireshark GUI and analyse the packets.

You can find full command explanation here:

@@ Line 2: / Line 2: @@
 =About=
 Tcpdump, a powerful command-line packet analyzer already installed and working on your system by default.
 <br><br>
-=How to use it?=
+==How to use it?==
+<br>
-Login to your server and put this command into terminal:
+Login to your server over [http://wiki.kolmisoft.com/index.php/What_is_SSH%3F ssh] and put this command into terminal:
   tcpdump -i eth0 -n -s 0 port 5060 -vvv -w /home/capture_file_name
@@ Line 13: / Line 11: @@
 Packets will be saved to directory /home/capture_file_name
-You can send captured file capture.pcap from your server and open with Wireshark GUI and analyse the packets.
+You can send captured file capture.pcap from your server to your PC and open with Wireshark GUI and analyse the packets.
 <br><br>
-=Full command explaining=
+==Full command explaining==
+<br>
-You can find full command explaining here:
+You can find full command explanation here:
-http://www.jonathanmanning.com/2009/10/26/how-to-voip-sip-capture-with-tcpdump-on-linux/
+http://nil.uniza.sk/network-security/analyzers/using-tcpdump-sip-diagnostic
-See also:
+===See also===
 * [[How to capture packets using wireshark]]