{"id":99,"date":"2016-03-28T12:20:38","date_gmt":"2016-03-28T10:20:38","guid":{"rendered":"http:\/\/it.ynip.de\/?p=99"},"modified":"2020-11-27T08:20:28","modified_gmt":"2020-11-27T07:20:28","slug":"tcpdump","status":"publish","type":"post","link":"https:\/\/it.ynip.de\/?p=99","title":{"rendered":"tcpdump"},"content":{"rendered":"\n<p>DNS queries:<br><code>tcpdump -n udp dst port 53<\/code><\/p>\n\n\n\n<p>Different interface:<br><code>tcpdump -i eth2 -n udp dst port 53<\/code><\/p>\n\n\n\n<p>More details:<br><code>tcpdump -vvv -s 0 -l -n port 53<\/code><\/p>\n\n\n\n<p>Capture on eth3 for one host &#8211; write to a file without packet size limit (-s 0 -&gt; Wireshark problem):<br><code>tcpdump -i eth3 dst host 192.168.0.10 -w \/root\/temp\/tcpdump_eth3_192_168_0_10.pcab -s 0<\/code><\/p>\n\n\n\n<p>Check whether any client connects to a specific IP (botnet connections):<\/p>\n\n\n\n<p><code>tcpdump -nn dst host 87.106.18.136<\/code><\/p>\n","protected":false},"excerpt":{"rendered":"<p>DNS queries: tcpdump -n udp dst port 53 Different interface: tcpdump -i eth2 -n udp dst port 53 More details: tcpdump -vvv -s 0 -l -n port 53 Capture on eth3 for one host &#8211; write to a file without packet size limit (-s 0 -&gt; Wireshark problem): tcpdump -i eth3 dst host 192.168.0.10 -w \/root\/temp\/tcpdump_eth3_192_168_0_10.pcab -s 0 Check whether any client connects to a &hellip; <\/p>\n<p class=\"link-more\"><a href=\"https:\/\/it.ynip.de\/?p=99\" class=\"more-link\">Continue reading <span class=\"screen-reader-text\">\u201ctcpdump\u201d<\/span><\/a><\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[1],"tags":[],"class_list":["post-99","post","type-post","status-publish","format-standard","hentry","category-allgemein"],"_links":{"self":[{"href":"https:\/\/it.ynip.de\/index.php?rest_route=\/wp\/v2\/posts\/99","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/it.ynip.de\/index.php?rest_route=\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/it.ynip.de\/index.php?rest_route=\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/it.ynip.de\/index.php?rest_route=\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/it.ynip.de\/index.php?rest_route=%2Fwp%2Fv2%2Fcomments&post=99"}],"version-history":[{"count":5,"href":"https:\/\/it.ynip.de\/index.php?rest_route=\/wp\/v2\/posts\/99\/revisions"}],"predecessor-version":[{"id":263,"href":"https:\/\/it.ynip.de\/index.php?rest_route=\/wp\/v2\/posts\/99\/revisions\/263"}],"wp:attachment":[{"href":"https:\/\/it.ynip.de\/index.php?rest_route=%2Fwp%2Fv2%2Fmedia&parent=99"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/it.ynip.de\/index.php?rest_route=%2Fwp%2Fv2%2Fcategories&post=99"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/it.ynip.de\/index.php?rest_route=%2Fwp%2Fv2%2Ftags&post=99"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}