We shall have a look at flags in this post. A TCP segment consists of a TCP header and a payload; let's look at the contents of a typical TCP header and see where the flags are placed: Source Port (16b) + Dest. Port (16b) + Seq. no. (32b) + Ack. no. (32b) + Header length (4b) + … Continue reading play with tcp(dump) ~ post 3 (flags)
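The header layout in the excerpt above, worked through in code. This is an added example and not code from the tcp(dump) post series: it packs a 20-byte TCP header in network byte order, shows that the flag bits live in the low 9 bits of the 16-bit word that follows the acknowledgement number (the high 4 bits of that word are the header length in 32-bit words), parses it back, and renders the flags in the one-letter notation tcpdump prints in its `Flags [...]` column (ACK is "."). Ports, sequence numbers, the MSS option and the payload are constructed sample values, not captured traffic; the checksum is left at zero because there is no IP pseudo-header here.

```python
"""Build and parse TCP headers to show where the flag bits sit.

Added example for the tcp(dump) series; all values below are constructed.
"""
import struct

# Fixed 20-byte TCP header, network (big-endian) byte order:
# src port, dst port, seq, ack, data-offset/reserved/flags, window, checksum, urgent pointer
TCP_FIXED_HEADER = struct.Struct("!HHIIHHHH")

# Bit positions inside the 16-bit word after the ack number:
# bits 15..12 = data offset, bits 11..9 = reserved, bits 8..0 = flags.
FLAG_BITS = {
    "NS": 0x100, "CWR": 0x080, "ECE": 0x040, "URG": 0x020, "ACK": 0x010,
    "PSH": 0x008, "RST": 0x004, "SYN": 0x002, "FIN": 0x001,
}

# tcpdump's one-letter flag notation, in the order tcpdump prints them.
TCPDUMP_LETTERS = [("FIN", "F"), ("SYN", "S"), ("RST", "R"), ("PSH", "P"),
                   ("ACK", "."), ("URG", "U"), ("ECE", "E"), ("CWR", "W")]


def build_tcp_segment(src_port, dst_port, seq, ack, flags,
                      options=b"", payload=b"", window=65535):
    """Assemble header + options + payload; checksum is left as 0 (no pseudo-header here)."""
    unknown = [f for f in flags if f not in FLAG_BITS]
    if unknown:
        raise ValueError(f"unknown TCP flags: {unknown}")
    # Options are padded to a 32-bit boundary with End-of-Option-List (0x00) bytes.
    if len(options) % 4:
        options += b"\x00" * (4 - len(options) % 4)
    data_offset = (20 + len(options)) // 4        # header length in 32-bit words
    if data_offset > 15:
        raise ValueError("options too long: data offset is a 4-bit field")
    off_flags = (data_offset << 12) | sum(FLAG_BITS[f] for f in flags)
    header = TCP_FIXED_HEADER.pack(src_port, dst_port, seq, ack,
                                   off_flags, window, 0, 0)
    return header + options + payload


def parse_tcp_segment(segment):
    """Decode a TCP segment; raises ValueError on a truncated header or a bad data offset."""
    if len(segment) < TCP_FIXED_HEADER.size:
        raise ValueError("segment shorter than the 20-byte fixed header")
    (src, dst, seq, ack, off_flags,
     window, checksum, urg_ptr) = TCP_FIXED_HEADER.unpack_from(segment)
    header_len = (off_flags >> 12) * 4
    # A data offset below 5 or beyond the captured bytes is malformed; reject it
    # rather than slicing options/payload from the wrong place.
    if header_len < 20 or header_len > len(segment):
        raise ValueError(f"bad data offset: header length {header_len}")
    flags = [name for name, bit in FLAG_BITS.items() if off_flags & bit]
    return {
        "src_port": src, "dst_port": dst, "seq": seq, "ack": ack,
        "header_len": header_len, "flags": flags, "window": window,
        "checksum": checksum, "urg_ptr": urg_ptr,
        "options": segment[20:header_len], "payload": segment[header_len:],
    }


def tcpdump_flags(flags):
    """Render a flag list the way tcpdump's 'Flags [..]' column does, e.g. S, S., P., F."""
    return "".join(letter for name, letter in TCPDUMP_LETTERS if name in flags)


if __name__ == "__main__":
    # Constructed three-way handshake plus one data segment (sample values).
    mss = b"\x02\x04\x05\xb4"                          # MSS option, value 1460
    syn = build_tcp_segment(40000, 80, 1000, 0, ["SYN"], options=mss)
    synack = build_tcp_segment(80, 40000, 5000, 1001, ["SYN", "ACK"])
    data = build_tcp_segment(40000, 80, 1001, 5001, ["PSH", "ACK"],
                             payload=b"GET / HTTP/1.0\r\n\r\n")
    for seg in (syn, synack, data):
        p = parse_tcp_segment(seg)
        print(f"{p['src_port']} > {p['dst_port']}: Flags [{tcpdump_flags(p['flags'])}], "
              f"hdr {p['header_len']}B, {len(p['payload'])}B payload")
```

Running the block prints one line per constructed segment in tcpdump-like form (`40000 > 80: Flags [S]`, `80 > 40000: Flags [S.]`, `40000 > 80: Flags [P.]`), which is the same `Flags [...]` field the later tcpdump output in the series shows; the parser's data-offset check is the kind of bound a capture tool needs before it trusts the header length to locate options and payload.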
play with tcp(dump) ~ post 2
Here, we shall explore a few different ways of capturing traffic. Let's check interface eth0's details:
cumulus@server01:~$ ip addr show eth0
2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP group default qlen 1000
    link/ether 44:38:39:00:08:00 brd ff:ff:ff:ff:ff:ff
    inet 192.168.0.31/16 brd 192.168.255.255 scope global eth0
       valid_lft forever preferred_lft forever
    inet6 fe80::4638:39ff:fe00:800/64 scope link
       valid_lft forever preferred_lft … Continue reading play with tcp(dump) ~ post 2
play with tcp(dump) ~ post 1
Let's capture some TCP traffic and analyse it using tcpdump. I am using an Ubuntu server on CITC (Cumulus in the Cloud) for this demonstration. To check the version of Ubuntu:
cumulus@server01:~$ lsb_release -a
No LSB modules are available.
Distributor ID: Ubuntu
Description:    Ubuntu 16.04.1 LTS
Release:        16.04
Codename:       xenial
To see the list of … Continue reading play with tcp(dump) ~ post 1