Packet Sniffing and Monitoring with Tshark / Wireshark

Capture traffic for 300 seconds, save it in output_file, and exit

tshark -a duration:300 -q -w output_file

Sniff the traffic and show it on the screen (current tshark releases use -P for this; -S now sets the line separator)
tshark -P

Sniff 1000 packets and show them on the screen
tshark -P -c 1000

IO stats: how many packets and frames have been transferred in 60 seconds?
tshark -a duration:60 -z io,stat,60

Read the dump file 'output_file'
tshark -r output_file

Read output_file and show only HTTP connections from the IP 1.2.3.4 (current tshark releases use -Y for display filters; -R is now a read filter that requires -2)
tshark -r output_file -Y "ip.addr == 1.2.3.4 && tcp.port == 80"

Show only HTTP GET requests from output_file
tshark -r output_file -Y "http.request.method==GET"

Show IPs with incoming and outgoing traffic
tshark -r output_file -q -z conv,ip

Save SMTP network connections (TCP port 25, selected with a capture filter) for 300 seconds and also display the connections in real time.
tshark -w smtp-network-connections -a duration:300 -P -q -f "tcp port 25"
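
Added example (not part of the original page): a small shell function that turns the HTTP GET filter above into a per-client summary, useful for spotting unusually busy clients in a capture. It assumes tshark's tab-separated field output (-T fields with ip.src, http.host and http.request.uri); the function names and the sample rows are constructed for illustration.

```shell
#!/bin/sh
# Added example: summarise HTTP GET requests per client from tshark field output.
# Real use (needs tshark and a capture file; -Y is the display-filter option
# on current tshark releases):
#   tshark -r output_file -Y "http.request.method==GET" \
#          -T fields -e ip.src -e http.host -e http.request.uri | summarize_gets

# Reads tab-separated "ip.src<TAB>http.host<TAB>http.request.uri" lines on stdin
# and prints "requests<TAB>client<TAB>distinct_hosts", busiest client first.
summarize_gets() {
    awk -F '\t' '
        NF < 3 || $1 == "" { next }      # skip rows without a source address
        {
            count[$1]++                  # GET requests per client
            if (!(($1, $2) in seen)) {   # first time this client hits this host
                seen[$1, $2] = 1
                hosts[$1]++
            }
        }
        END {
            for (c in count)
                printf "%d\t%s\t%d\n", count[c], c, hosts[c]
        }
    ' | sort -t "$(printf '\t')" -k1,1nr -k2,2
}

# Constructed sample rows (not taken from a real capture).
sample_rows() {
    printf '1.2.3.4\twww.example.com\t/index.html\n'
    printf '1.2.3.4\twww.example.com\t/style.css\n'
    printf '10.0.0.7\tintranet.example\t/\n'
    printf '1.2.3.4\tcdn.example.net\t/lib.js\n'
    printf '\t\t\n'                      # row with empty fields is ignored
}

sample_rows | summarize_gets
```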
