User Tools

Site Tools


tshark

Differences

This shows you the differences between two versions of the page.

Link to this comparison view

tshark [2015/04/13 22:19] (current)
Line 1: Line 1:
 +====== tshark ======
  
 +tcpdump analyzer traffic tcp
 +
 +Ejemplo de uso:
 +
 +<​code>​
 +tshark -s1500 -i eth0 -n -d tcp.port==8140,​ssl port 8140
 +
 +  0.000000 10.1.1.1 -> 10.2.2.2 TCP 51532 > 8140 [SYN] Seq=0 Win=5840 Len=0 MSS=1460 TSV=3705949461 TSER=0 WS=7
 +  0.000527 10.2.2.2 -> 10.1.1.1 TCP 8140 > 51532 [SYN, ACK] Seq=0 Ack=1 Win=8190 Len=0 MSS=1460
 +  0.000543 10.1.1.1 -> 10.2.2.2 TCP 51532 > 8140 [ACK] Seq=1 Ack=1 Win=5840 Len=0
 +  0.000981 10.1.1.1 -> 10.2.2.2 SSLv2 Client Hello
 +  0.001640 10.2.2.2 -> 10.1.1.1 TLSv1 Server Hello, Certificate,​ Certificate Request, Server Hello Done
 +  0.001670 10.1.1.1 -> 10.2.2.2 TCP 51532 > 8140 [ACK] Seq=106 Ack=1358 Win=8142 Len=0
 +  0.002009 10.1.1.1 -> 10.2.2.2 TLSv1 Alert (Level: Fatal, Description:​ Certificate Revoked)
 +</​code>​
tshark.txt ยท Last modified: 2015/04/13 22:19 (external edit)