Packet capture forensics with tcpdump
date
May 30, 2022
slug
tip-tcpdump-catch-culprit
status
Published
summary
Quick tip
tags
tip
type
Post
URL
Problem & Summary
tcpdump -i eth0 port smtp
tcpdump -i eth0 port 443
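# all interfaces, mail ports: write the raw pcap to stdout, keep a local copy with tee, and append it to a file on the remote host over SSH
# $(hostname) is expanded locally, so the remote file is named after the capturing host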
tcpdump -i any port '(25 or 110 or 143 or 465 or 587 or 993 or 995 or 2525)' -w - | tee ~/tcpdump.log | ssh ${remote_host} "cat >> $(hostname).pcap"
tcpdump -i any 'udp port 1812 or tcp port 1813'
tcpdump -an portrange 1-25
# capture packets destined for port 22 on this host
tcpdump -c 10 -nn -i ens33 tcp dst port 22

View the log

