basics
we all know that data travels over a network in the form of packets. if we want to capture them, we need the interface on which the data is being sent, and the port number if we want to narrow the capture down to one service.
for this practical, we will use the tcpdump tool.
if you haven’t watched the video about network packet sniffing, watch this.
tcpdump can be used to sniff a network. it is written in c++. believe me, it is not important who built it. we will sniff a network of our own.
warning: never sniff a public wifi network, not even a neighbor’s wifi.
uses of tcpdump
to capture packets on the local server
I have started an HTTP server on my LOCALHOST. that means we will have to use the “lo” interface.
type this command:
tcpdump -i lo
this command starts capturing the packets that are being sent over localhost.
to capture packets on a port
type this command:
tcpdump port 22
in this case, I have already opened an SSH port (22). if someone tries to connect to it, we will capture the data. you can try this on other ports like 80, 21, 23 etc., but you always have to write the keyword port before the port number.
to capture packets on a host
type this command:
tcpdump host google.com
we have specified the host google.com. if someone tries to connect to google.com, the packets will be captured by tcpdump.
to save the packets
type this command:
tcpdump -i wlan0 -w capture_file
don’t worry about the interface; it can be any interface, as long as it sends and receives packets. notice that we used -w to write the packets to a capture file.
the capture files can be read with this command:
tcpdump -r capture_file
to capture on one protocol
type this command:
tcpdump tcp
you can change tcp to icmp or udp, depending on which service you are interested in.
to capture a defined size of packets
type this command:
tcpdump less 60
tcpdump greater 60
the first command captures the packets whose size is smaller than 60 bytes.
the second command captures the packets whose size is larger than 60 bytes.
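to see what -w and -r actually do, and what the filters above mean on real packet bytes, here is an added example that is not part of tcpdump or of this post. it writes a tiny capture file in the same layout tcpdump -w produces, reads it back the way tcpdump -r would, and re-implements the port, host, tcp/udp/icmp, less and greater filters in plain python. the packets, addresses and port numbers are constructed for the example (host takes an ip address here, not a name like google.com), and the length rule follows tcpdump’s own definition: less N keeps packets of N bytes or fewer, greater N keeps packets of N bytes or more.

```python
# Added example: a minimal reader for the pcap files "tcpdump -w" writes, plus
# python versions of the filters used in this post. Not tcpdump's own code;
# every packet below is constructed inline for the demonstration.
import struct
import ipaddress

PCAP_MAGIC = 0xA1B2C3D4          # pcap magic number (little-endian file)
LINKTYPE_ETHERNET = 1
PROTO_NAMES = {"icmp": 1, "tcp": 6, "udp": 17}   # IP protocol numbers


def build_packet(src, dst, proto, sport=0, dport=0, payload=b""):
    """Construct one Ethernet/IPv4 frame carrying TCP, UDP or ICMP (test data only)."""
    if proto == 6:                # TCP: minimal 20-byte header, SYN flag set
        l4 = struct.pack("!HHIIBBHHH", sport, dport, 0, 0, 5 << 4, 0x02, 65535, 0, 0)
    elif proto == 17:             # UDP: 8-byte header
        l4 = struct.pack("!HHHH", sport, dport, 8 + len(payload), 0)
    elif proto == 1:              # ICMP echo request
        l4 = struct.pack("!BBHHH", 8, 0, 0, 1, 1)
    else:
        raise ValueError("unsupported protocol")
    l4 += payload
    ip = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 20 + len(l4), 0, 0, 64, proto, 0,
                     ipaddress.IPv4Address(src).packed, ipaddress.IPv4Address(dst).packed)
    eth = b"\x00" * 12 + b"\x08\x00"   # zero MACs, EtherType IPv4
    return eth + ip + l4


def build_pcap(frames):
    """Serialise frames into pcap bytes: 24-byte global header, then a 16-byte record header per packet."""
    data = struct.pack("<IHHiIII", PCAP_MAGIC, 2, 4, 0, 0, 65535, LINKTYPE_ETHERNET)
    for i, frame in enumerate(frames):
        data += struct.pack("<IIII", 1700000000 + i, 0, len(frame), len(frame)) + frame
    return data


def read_pcap(data):
    """Parse pcap bytes into (timestamp, frame) tuples, the way tcpdump -r walks a capture file."""
    (magic,) = struct.unpack("<I", data[:4])
    if magic != PCAP_MAGIC:
        raise ValueError("not a little-endian pcap file")
    off, records = 24, []
    while off < len(data):
        ts_sec, ts_usec, incl_len, _orig_len = struct.unpack("<IIII", data[off:off + 16])
        off += 16
        records.append((ts_sec + ts_usec / 1e6, data[off:off + incl_len]))
        off += incl_len
    return records


def decode(frame):
    """Pull out the fields the filters need from an Ethernet/IPv4 frame; None for non-IPv4."""
    if frame[12:14] != b"\x08\x00":
        return None
    ihl = (frame[14] & 0x0F) * 4
    proto = frame[23]
    l4 = frame[14 + ihl:]
    sport = dport = None
    if proto in (6, 17):
        sport, dport = struct.unpack("!HH", l4[:4])
    return {"len": len(frame), "proto": proto,
            "src": str(ipaddress.IPv4Address(frame[26:30])),
            "dst": str(ipaddress.IPv4Address(frame[30:34])),
            "sport": sport, "dport": dport}


def matches(expr, info):
    """Evaluate one tcpdump-style primitive: tcp|udp|icmp, port N, host A.B.C.D, less N, greater N."""
    parts = expr.split()
    if len(parts) == 1 and parts[0] in PROTO_NAMES:
        return info["proto"] == PROTO_NAMES[parts[0]]
    key, value = parts
    if key == "port":
        return int(value) in (info["sport"], info["dport"])   # either direction
    if key == "host":
        return value in (info["src"], info["dst"])
    if key == "less":
        return info["len"] <= int(value)     # tcpdump: less N  ==  len <= N
    if key == "greater":
        return info["len"] >= int(value)     # tcpdump: greater N  ==  len >= N
    raise ValueError("unsupported filter: " + expr)


def filter_capture(data, expr):
    """Return the decoded packets from a pcap byte string that match expr."""
    return [info for _, frame in read_pcap(data)
            if (info := decode(frame)) is not None and matches(expr, info)]


# Constructed capture: an SSH SYN, an HTTP request, a DNS query and a ping.
SAMPLE_PCAP = build_pcap([
    build_packet("10.0.0.5", "10.0.0.1", 6, 51000, 22),                       # 54 bytes
    build_packet("10.0.0.5", "203.0.113.10", 6, 51001, 80, b"GET / HTTP/1.0\r\n\r\n"),  # 72 bytes
    build_packet("10.0.0.5", "10.0.0.1", 17, 53000, 53, b"dns?"),             # 46 bytes
    build_packet("10.0.0.5", "10.0.0.1", 1),                                  # 42 bytes
])


def count_matches(expr, data=SAMPLE_PCAP):
    """How many packets in the capture a given filter keeps."""
    return len(filter_capture(data, expr))


if __name__ == "__main__":
    for f in ("port 22", "host 10.0.0.1", "tcp", "udp", "less 60", "greater 60"):
        print(f"{f:15} -> {count_matches(f)} packet(s)")
```

the same filter words you type on the tcpdump command line are the ones matches() understands, so you can change the sample packets and see which filter keeps which packet before you run the real thing on a live interface.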
note: these are the basic commands of tcpdump. after reading this you can use iptables and tcpdump together so you can see how network traffic works.
if you haven’t read about iptables, click here.
thanks for visiting