tshark
tshark
tcpdump analyzer traffic tcp
Ejemplo de uso:
tshark -s1500 -i eth0 -n -d tcp.port==8140,ssl port 8140 0.000000 10.1.1.1 -> 10.2.2.2 TCP 51532 > 8140 [SYN] Seq=0 Win=5840 Len=0 MSS=1460 TSV=3705949461 TSER=0 WS=7 0.000527 10.2.2.2 -> 10.1.1.1 TCP 8140 > 51532 [SYN, ACK] Seq=0 Ack=1 Win=8190 Len=0 MSS=1460 0.000543 10.1.1.1 -> 10.2.2.2 TCP 51532 > 8140 [ACK] Seq=1 Ack=1 Win=5840 Len=0 0.000981 10.1.1.1 -> 10.2.2.2 SSLv2 Client Hello 0.001640 10.2.2.2 -> 10.1.1.1 TLSv1 Server Hello, Certificate, Certificate Request, Server Hello Done 0.001670 10.1.1.1 -> 10.2.2.2 TCP 51532 > 8140 [ACK] Seq=106 Ack=1358 Win=8142 Len=0 0.002009 10.1.1.1 -> 10.2.2.2 TLSv1 Alert (Level: Fatal, Description: Certificate Revoked)
tshark.txt · Last modified: 2015/04/13 20:19 by 127.0.0.1