SlideShare a Scribd company logo

Tcpdump

Download as PPTX, PDF
Sourav Roy
Sourav Roy

This document provides an overview of TCPDUMP including: - Introducing TCPDUMP as a command line network packet analyzer that comes pre-installed on Unix systems. - Explaining how to decipher data packets captured by TCPDUMP. - Detailing basic and intermediate TCPDUMP command line options and usage including filtering, reading from and writing to files. - Outlining steps for network hacking techniques like footprinting, scanning, and DDoS attacks.

Technology
1 of 13
TCPDUMP THINK OF U LATER
AGENDA  INTRO TO TCPDUMP.  DECIFERING A DATA PACKET.  BASIC USAGE.  INTERMEDIATE USAGE.  HACK-A-TACK…  REFERENCES.  ACKNOWLEDGEMENTS.
TCPDUMP  It is an ip utility tool used for real-time packet sniffing(Network).  Command line program comes in built in a Unix based system.  Programs like ethereal(Wireshark) provide an alternative to Tcpdump in GUI environment.
INTRO operating system used OPEN SYSTEM- UBUNTU 9.10 software used program version manner of installation TCPDUMP 4.0.0 PRE-INSTALLED document history version date changes 1.0.0 2004-04-14 -concieved - new document history scheme 1.0.1 2005-10-05 - minor corrections and some new examples
DECIFERING A DATA PACKET Reference
DATAGRAM
COMMAND LINE N OPTION Option Descriptions -i -Tells the interface we are using. -e -Gives the MAK address. -q -Stay quite rather than printing more info. -v -Stay verbous. -vv -Very verbous. -t -Remove time stamp. -l -Buffers one line at a time on output. -c -Count of packet to capture. -w -Write to a file then printing on screen. -r -Read the content of file.
EXPRESSIONS  Negation.  Concatenation.  Alternation. Example: 1. #tcpdump –w hades.txt not port 22 2. # cat > filterfile dst host spider and "(udp or proto 51)" and not (src host peter or src host goblin)" Ctrl-D # tcpdump -F filterfile
HACK-A-TACK STEPS: 1. Footprinting. 2. Scanning. 3. Hacking sys n OS. 4. Tools. 5. Ddos. 6. Hacking website.
CONCLUSION  #tcpdump –qel |tee hades.txt -vv src host <ip_in_network> and "(udp or http)" and dst host <ip_of_server>  # tcpdump -i eth0 -nq not "(port 22 and host <ip_firewall>)" and not "(port 53 or 80 or 110 or 119 or 443)" and dst host <my_ip>  # tcpdump -i tun0 -nq and not port '(20 or 21 or 25 or 53 or 80 or 110 or 119 or 123 or 443)' and not icmp and src host <my_ip>
REFERENCES
ACKNOWLEDGEMENTS
REFERENCE Go back

Recommended

Introduction to tcpdump
Introduction to tcpdumpIntroduction to tcpdump
Introduction to tcpdumpLev Walkin
 
TCPdump-Wireshark
TCPdump-WiresharkTCPdump-Wireshark
TCPdump-WiresharkHarsh Singh
 
Wireshark Basic Presentation
Wireshark Basic PresentationWireshark Basic Presentation
Wireshark Basic Presentation
MD. SHORIFUL ISLAM
 
Wireshark, Tcpdump and Network Performance tools
Wireshark, Tcpdump and Network Performance toolsWireshark, Tcpdump and Network Performance tools
Wireshark, Tcpdump and Network Performance tools
Sachidananda Sahu
 
Scanning with nmap
Scanning with nmapScanning with nmap
Scanning with nmap
commiebstrd
 
Nmap basics
Nmap basicsNmap basics
Nmap basics
n|u - The Open Security Community
 
Understanding NMAP
Understanding NMAPUnderstanding NMAP
Understanding NMAP
Phannarith Ou, G-CISO
 
Nmap scripting engine
Nmap scripting engineNmap scripting engine
Nmap scripting engine
n|u - The Open Security Community
 

Recommended

Introduction to tcpdump
Introduction to tcpdumpIntroduction to tcpdump
Introduction to tcpdumpLev Walkin
 
TCPdump-Wireshark
TCPdump-WiresharkTCPdump-Wireshark
TCPdump-WiresharkHarsh Singh
 
Wireshark Basic Presentation
Wireshark Basic PresentationWireshark Basic Presentation
Wireshark Basic Presentation
MD. SHORIFUL ISLAM
 
Wireshark, Tcpdump and Network Performance tools
Wireshark, Tcpdump and Network Performance toolsWireshark, Tcpdump and Network Performance tools
Wireshark, Tcpdump and Network Performance tools
Sachidananda Sahu
 
Scanning with nmap
Scanning with nmapScanning with nmap
Scanning with nmap
commiebstrd
 
Nmap basics
Nmap basicsNmap basics
Nmap basics
n|u - The Open Security Community
 
Understanding NMAP
Understanding NMAPUnderstanding NMAP
Understanding NMAP
Phannarith Ou, G-CISO
 
Nmap scripting engine
Nmap scripting engineNmap scripting engine
Nmap scripting engine
n|u - The Open Security Community
 
Port Scanning
Port ScanningPort Scanning
Port Scanning
amiable_indian
 
Practical Packet Analysis: Wireshark
Practical Packet Analysis: Wireshark Practical Packet Analysis: Wireshark
Practical Packet Analysis: Wireshark
Ashley Wheeler
 
Packet analysis using wireshark
Packet analysis using wiresharkPacket analysis using wireshark
Packet analysis using wireshark
Basaveswar Kureti
 
NFS(Network File System)
NFS(Network File System)NFS(Network File System)
NFS(Network File System)
udamale
 
NMAP - The Network Scanner
NMAP - The Network ScannerNMAP - The Network Scanner
NMAP - The Network Scanner
n|u - The Open Security Community
 
Wireshark Traffic Analysis
Wireshark Traffic AnalysisWireshark Traffic Analysis
Wireshark Traffic AnalysisDavid Sweigert
 
Iptables presentation
Iptables presentationIptables presentation
Iptables presentation
Emin Abdul Azeez
 
Ssh (The Secure Shell)
Ssh (The Secure Shell)Ssh (The Secure Shell)
Ssh (The Secure Shell)
Mehedi Farazi
 
NMAP
NMAPNMAP
NMAP
PrateekAryan1
 
Wireshark
WiresharkWireshark
Wireshark
Kasun Madusanke
 
Wireshark Inroduction Li In
Wireshark Inroduction Li InWireshark Inroduction Li In
Wireshark Inroduction Li In
mhaviv
 
SSL basics and SSL packet analysis using wireshark
SSL basics and SSL packet analysis using wiresharkSSL basics and SSL packet analysis using wireshark
SSL basics and SSL packet analysis using wireshark
Al Imran, CISA
 
Socket Programming
Socket ProgrammingSocket Programming
Socket Programming
CEC Landran
 
DevConf 2014 Kernel Networking Walkthrough
DevConf 2014 Kernel Networking WalkthroughDevConf 2014 Kernel Networking Walkthrough
DevConf 2014 Kernel Networking Walkthrough
Thomas Graf
 
Netcat
NetcatNetcat
Netcat
penetration Tester
 
Nmap tutorial
Nmap tutorialNmap tutorial
Nmap tutorialVarun Kakumani
 
Snort IPS
Snort IPSSnort IPS
Snort IPSSimone Tino
 
Wireshark
WiresharkWireshark
Wireshark
Sourav Roy
 
SSH - Secure Shell
SSH - Secure ShellSSH - Secure Shell
SSH - Secure Shell
Peter R. Egli
 
Wireshark
WiresharkWireshark
Wireshark
Vijay kumar
 
CNIT 123 Ch 10: Hacking Web Servers
CNIT 123 Ch 10: Hacking Web ServersCNIT 123 Ch 10: Hacking Web Servers
CNIT 123 Ch 10: Hacking Web Servers
Sam Bowne
 
Wireshark - presentation
Wireshark - presentationWireshark - presentation
Wireshark - presentation
Kateryna Haskova
 

More Related Content

What's hot

Port Scanning
Port ScanningPort Scanning
Port Scanning
amiable_indian
 
Practical Packet Analysis: Wireshark
Practical Packet Analysis: Wireshark Practical Packet Analysis: Wireshark
Practical Packet Analysis: Wireshark
Ashley Wheeler
 
Packet analysis using wireshark
Packet analysis using wiresharkPacket analysis using wireshark
Packet analysis using wireshark
Basaveswar Kureti
 
NFS(Network File System)
NFS(Network File System)NFS(Network File System)
NFS(Network File System)
udamale
 
NMAP - The Network Scanner
NMAP - The Network ScannerNMAP - The Network Scanner
NMAP - The Network Scanner
n|u - The Open Security Community
 
Wireshark Traffic Analysis
Wireshark Traffic AnalysisWireshark Traffic Analysis
Wireshark Traffic AnalysisDavid Sweigert
 
Iptables presentation
Iptables presentationIptables presentation
Iptables presentation
Emin Abdul Azeez
 
Ssh (The Secure Shell)
Ssh (The Secure Shell)Ssh (The Secure Shell)
Ssh (The Secure Shell)
Mehedi Farazi
 
NMAP
NMAPNMAP
NMAP
PrateekAryan1
 
Wireshark
WiresharkWireshark
Wireshark
Kasun Madusanke
 
Wireshark Inroduction Li In
Wireshark Inroduction Li InWireshark Inroduction Li In
Wireshark Inroduction Li In
mhaviv
 
SSL basics and SSL packet analysis using wireshark
SSL basics and SSL packet analysis using wiresharkSSL basics and SSL packet analysis using wireshark
SSL basics and SSL packet analysis using wireshark
Al Imran, CISA
 
Socket Programming
Socket ProgrammingSocket Programming
Socket Programming
CEC Landran
 
DevConf 2014 Kernel Networking Walkthrough
DevConf 2014 Kernel Networking WalkthroughDevConf 2014 Kernel Networking Walkthrough
DevConf 2014 Kernel Networking Walkthrough
Thomas Graf
 
Netcat
NetcatNetcat
Netcat
penetration Tester
 
Wireshark
WiresharkWireshark
Wireshark
Sourav Roy
 
SSH - Secure Shell
SSH - Secure ShellSSH - Secure Shell
SSH - Secure Shell
Peter R. Egli
 
Wireshark
WiresharkWireshark
Wireshark
Vijay kumar
 

What's hot (20)

Port Scanning
Port ScanningPort Scanning
Port Scanning
 
Practical Packet Analysis: Wireshark
Practical Packet Analysis: Wireshark Practical Packet Analysis: Wireshark
Practical Packet Analysis: Wireshark
 
Packet analysis using wireshark
Packet analysis using wiresharkPacket analysis using wireshark
Packet analysis using wireshark
 
NFS(Network File System)
NFS(Network File System)NFS(Network File System)
NFS(Network File System)
 
NMAP - The Network Scanner
NMAP - The Network ScannerNMAP - The Network Scanner
NMAP - The Network Scanner
 
Wireshark Traffic Analysis
Wireshark Traffic AnalysisWireshark Traffic Analysis
Wireshark Traffic Analysis
 
Iptables presentation
Iptables presentationIptables presentation
Iptables presentation
 
Ssh (The Secure Shell)
Ssh (The Secure Shell)Ssh (The Secure Shell)
Ssh (The Secure Shell)
 
NMAP
NMAPNMAP
NMAP
 
Wireshark
WiresharkWireshark
Wireshark
 
Wireshark Inroduction Li In
Wireshark Inroduction Li InWireshark Inroduction Li In
Wireshark Inroduction Li In
 
SSL basics and SSL packet analysis using wireshark
SSL basics and SSL packet analysis using wiresharkSSL basics and SSL packet analysis using wireshark
SSL basics and SSL packet analysis using wireshark
 
Socket Programming
Socket ProgrammingSocket Programming
Socket Programming
 
DevConf 2014 Kernel Networking Walkthrough
DevConf 2014 Kernel Networking WalkthroughDevConf 2014 Kernel Networking Walkthrough
DevConf 2014 Kernel Networking Walkthrough
 
Netcat
NetcatNetcat
Netcat
 
Nmap tutorial
Nmap tutorialNmap tutorial
Nmap tutorial
 
Snort IPS
Snort IPSSnort IPS
Snort IPS
 
Wireshark
WiresharkWireshark
Wireshark
 
SSH - Secure Shell
SSH - Secure ShellSSH - Secure Shell
SSH - Secure Shell
 
Wireshark
WiresharkWireshark
Wireshark
 

Viewers also liked

CNIT 123 Ch 10: Hacking Web Servers
CNIT 123 Ch 10: Hacking Web ServersCNIT 123 Ch 10: Hacking Web Servers
CNIT 123 Ch 10: Hacking Web Servers
Sam Bowne
 
Wireshark - presentation
Wireshark - presentationWireshark - presentation
Wireshark - presentation
Kateryna Haskova
 
CNIT 124 Ch 13: Post Exploitation (Part 1)
CNIT 124 Ch 13: Post Exploitation (Part 1)CNIT 124 Ch 13: Post Exploitation (Part 1)
CNIT 124 Ch 13: Post Exploitation (Part 1)
Sam Bowne
 
CNIT 141: 9. Elliptic Curve Cryptosystems
CNIT 141: 9. Elliptic Curve CryptosystemsCNIT 141: 9. Elliptic Curve Cryptosystems
CNIT 141: 9. Elliptic Curve Cryptosystems
Sam Bowne
 
Tcpdump hunter
Tcpdump hunterTcpdump hunter
Tcpdump hunter
Andrew McNicol
 
CNIT 141 8. Public-Key Cryptosystems Based on the DLP
CNIT 141 8. Public-Key Cryptosystems Based on the DLPCNIT 141 8. Public-Key Cryptosystems Based on the DLP
CNIT 141 8. Public-Key Cryptosystems Based on the DLP
Sam Bowne
 
Cloud Foundry Monitoring How-To: Collecting Metrics and Logs
Cloud Foundry Monitoring How-To: Collecting Metrics and LogsCloud Foundry Monitoring How-To: Collecting Metrics and Logs
Cloud Foundry Monitoring How-To: Collecting Metrics and Logs
Altoros
 
CNIT 50: 6. Command Line Packet Analysis Tools
CNIT 50: 6. Command Line Packet Analysis ToolsCNIT 50: 6. Command Line Packet Analysis Tools
CNIT 50: 6. Command Line Packet Analysis Tools
Sam Bowne
 
CNIT 125 Ch 5 Communication & Network Security (part 2 of 2)
CNIT 125 Ch 5 Communication & Network Security (part 2 of 2)CNIT 125 Ch 5 Communication & Network Security (part 2 of 2)
CNIT 125 Ch 5 Communication & Network Security (part 2 of 2)
Sam Bowne
 
CNIT 141: 10. Digital Signatures
CNIT 141: 10. Digital SignaturesCNIT 141: 10. Digital Signatures
CNIT 141: 10. Digital Signatures
Sam Bowne
 
Navigating the Ecosystem of Pivotal Cloud Foundry Tiles
Navigating the Ecosystem of Pivotal Cloud Foundry TilesNavigating the Ecosystem of Pivotal Cloud Foundry Tiles
Navigating the Ecosystem of Pivotal Cloud Foundry Tiles
Altoros
 

Viewers also liked (11)

CNIT 123 Ch 10: Hacking Web Servers
CNIT 123 Ch 10: Hacking Web ServersCNIT 123 Ch 10: Hacking Web Servers
CNIT 123 Ch 10: Hacking Web Servers
 
Wireshark - presentation
Wireshark - presentationWireshark - presentation
Wireshark - presentation
 
CNIT 124 Ch 13: Post Exploitation (Part 1)
CNIT 124 Ch 13: Post Exploitation (Part 1)CNIT 124 Ch 13: Post Exploitation (Part 1)
CNIT 124 Ch 13: Post Exploitation (Part 1)
 
CNIT 141: 9. Elliptic Curve Cryptosystems
CNIT 141: 9. Elliptic Curve CryptosystemsCNIT 141: 9. Elliptic Curve Cryptosystems
CNIT 141: 9. Elliptic Curve Cryptosystems
 
Tcpdump hunter
Tcpdump hunterTcpdump hunter
Tcpdump hunter
 
CNIT 141 8. Public-Key Cryptosystems Based on the DLP
CNIT 141 8. Public-Key Cryptosystems Based on the DLPCNIT 141 8. Public-Key Cryptosystems Based on the DLP
CNIT 141 8. Public-Key Cryptosystems Based on the DLP
 
Cloud Foundry Monitoring How-To: Collecting Metrics and Logs
Cloud Foundry Monitoring How-To: Collecting Metrics and LogsCloud Foundry Monitoring How-To: Collecting Metrics and Logs
Cloud Foundry Monitoring How-To: Collecting Metrics and Logs
 
CNIT 50: 6. Command Line Packet Analysis Tools
CNIT 50: 6. Command Line Packet Analysis ToolsCNIT 50: 6. Command Line Packet Analysis Tools
CNIT 50: 6. Command Line Packet Analysis Tools
 
CNIT 125 Ch 5 Communication & Network Security (part 2 of 2)
CNIT 125 Ch 5 Communication & Network Security (part 2 of 2)CNIT 125 Ch 5 Communication & Network Security (part 2 of 2)
CNIT 125 Ch 5 Communication & Network Security (part 2 of 2)
 
CNIT 141: 10. Digital Signatures
CNIT 141: 10. Digital SignaturesCNIT 141: 10. Digital Signatures
CNIT 141: 10. Digital Signatures
 
Navigating the Ecosystem of Pivotal Cloud Foundry Tiles
Navigating the Ecosystem of Pivotal Cloud Foundry TilesNavigating the Ecosystem of Pivotal Cloud Foundry Tiles
Navigating the Ecosystem of Pivotal Cloud Foundry Tiles
 

Similar to Tcpdump

Tc pdump mod
Tc pdump modTc pdump mod
Tc pdump mod
Sini
 
Exploiting Network Protocols To Exhaust Bandwidth Links 2008 Final
Exploiting Network Protocols To Exhaust Bandwidth Links 2008 FinalExploiting Network Protocols To Exhaust Bandwidth Links 2008 Final
Exploiting Network Protocols To Exhaust Bandwidth Links 2008 Finalmasoodnt10
 
8c21da14 1c9c-44ee-8e24-9a1ddd64ca82-150211062639-conversion-gate02
8c21da14 1c9c-44ee-8e24-9a1ddd64ca82-150211062639-conversion-gate028c21da14 1c9c-44ee-8e24-9a1ddd64ca82-150211062639-conversion-gate02
8c21da14 1c9c-44ee-8e24-9a1ddd64ca82-150211062639-conversion-gate02
Anand Nandani
 
Ngrep commands
Ngrep commandsNgrep commands
Ngrep commands
Rishu Seth
 
CN 1.docx
CN 1.docxCN 1.docx
CN 1.docx
DhanalakshmiSrinivas7
 
NUSE (Network Stack in Userspace) at #osio
NUSE (Network Stack in Userspace) at #osioNUSE (Network Stack in Userspace) at #osio
NUSE (Network Stack in Userspace) at #osio
Hajime Tazaki
 
Linux Network commands
Linux Network commandsLinux Network commands
Linux Network commands
Hanan Nmr
 
Tcpip (Dharmender Kumar) 09990478253
Tcpip (Dharmender Kumar) 09990478253Tcpip (Dharmender Kumar) 09990478253
Tcpip (Dharmender Kumar) 09990478253guestda14e85
 
Tomasz P from Poland
Tomasz P from PolandTomasz P from Poland
Tomasz P from Poland
irenazd
 
Pcapy and dpkt - tcpdump on steroids - Ran Leibman - DevOpsDays Tel Aviv 2018
Pcapy and dpkt - tcpdump on steroids - Ran Leibman - DevOpsDays Tel Aviv 2018Pcapy and dpkt - tcpdump on steroids - Ran Leibman - DevOpsDays Tel Aviv 2018
Pcapy and dpkt - tcpdump on steroids - Ran Leibman - DevOpsDays Tel Aviv 2018
DevOpsDays Tel Aviv
 
Open Source Debugging v1.3.2
Open Source Debugging v1.3.2Open Source Debugging v1.3.2
Open Source Debugging v1.3.2
Matthew McCullough
 
nwlab-ex1.pdf
nwlab-ex1.pdfnwlab-ex1.pdf
nwlab-ex1.pdf
Jayaprasanna4
 
Netcat - 101 Swiss Army Knife
Netcat - 101 Swiss Army KnifeNetcat - 101 Swiss Army Knife
Netcat - 101 Swiss Army Knife
n|u - The Open Security Community
 
Netcat 101 by-mahesh-beema
Netcat 101 by-mahesh-beemaNetcat 101 by-mahesh-beema
Netcat 101 by-mahesh-beemaRaghunath G
 
Parrot Drones Hijacking
Parrot Drones HijackingParrot Drones Hijacking
Parrot Drones Hijacking
Priyanka Aash
 
import rdma: zero-copy networking with RDMA and Python
import rdma: zero-copy networking with RDMA and Pythonimport rdma: zero-copy networking with RDMA and Python
import rdma: zero-copy networking with RDMA and Pythongroveronline
 
wireshark.pdf
wireshark.pdfwireshark.pdf
wireshark.pdf
ssuserafc27c
 
RAT - Repurposing Adversarial Tradecraft
RAT - Repurposing Adversarial TradecraftRAT - Repurposing Adversarial Tradecraft
RAT - Repurposing Adversarial Tradecraft
⭕Alexander Rymdeko-Harvey
 

Similar to Tcpdump (20)

Tc pdump mod
Tc pdump modTc pdump mod
Tc pdump mod
 
Exploiting Network Protocols To Exhaust Bandwidth Links 2008 Final
Exploiting Network Protocols To Exhaust Bandwidth Links 2008 FinalExploiting Network Protocols To Exhaust Bandwidth Links 2008 Final
Exploiting Network Protocols To Exhaust Bandwidth Links 2008 Final
 
8c21da14 1c9c-44ee-8e24-9a1ddd64ca82-150211062639-conversion-gate02
8c21da14 1c9c-44ee-8e24-9a1ddd64ca82-150211062639-conversion-gate028c21da14 1c9c-44ee-8e24-9a1ddd64ca82-150211062639-conversion-gate02
8c21da14 1c9c-44ee-8e24-9a1ddd64ca82-150211062639-conversion-gate02
 
Netcat
NetcatNetcat
Netcat
 
Ngrep commands
Ngrep commandsNgrep commands
Ngrep commands
 
CN 1.docx
CN 1.docxCN 1.docx
CN 1.docx
 
NUSE (Network Stack in Userspace) at #osio
NUSE (Network Stack in Userspace) at #osioNUSE (Network Stack in Userspace) at #osio
NUSE (Network Stack in Userspace) at #osio
 
Linux Network commands
Linux Network commandsLinux Network commands
Linux Network commands
 
Tcpip (Dharmender Kumar) 09990478253
Tcpip (Dharmender Kumar) 09990478253Tcpip (Dharmender Kumar) 09990478253
Tcpip (Dharmender Kumar) 09990478253
 
Tomasz P from Poland
Tomasz P from PolandTomasz P from Poland
Tomasz P from Poland
 
Pcapy and dpkt - tcpdump on steroids - Ran Leibman - DevOpsDays Tel Aviv 2018
Pcapy and dpkt - tcpdump on steroids - Ran Leibman - DevOpsDays Tel Aviv 2018Pcapy and dpkt - tcpdump on steroids - Ran Leibman - DevOpsDays Tel Aviv 2018
Pcapy and dpkt - tcpdump on steroids - Ran Leibman - DevOpsDays Tel Aviv 2018
 
Open Source Debugging v1.3.2
Open Source Debugging v1.3.2Open Source Debugging v1.3.2
Open Source Debugging v1.3.2
 
nwlab-ex1.pdf
nwlab-ex1.pdfnwlab-ex1.pdf
nwlab-ex1.pdf
 
Netcat - 101 Swiss Army Knife
Netcat - 101 Swiss Army KnifeNetcat - 101 Swiss Army Knife
Netcat - 101 Swiss Army Knife
 
Netcat 101 by-mahesh-beema
Netcat 101 by-mahesh-beemaNetcat 101 by-mahesh-beema
Netcat 101 by-mahesh-beema
 
Parrot Drones Hijacking
Parrot Drones HijackingParrot Drones Hijacking
Parrot Drones Hijacking
 
import rdma: zero-copy networking with RDMA and Python
import rdma: zero-copy networking with RDMA and Pythonimport rdma: zero-copy networking with RDMA and Python
import rdma: zero-copy networking with RDMA and Python
 
wireshark.pdf
wireshark.pdfwireshark.pdf
wireshark.pdf
 
A22 Introduction to DTrace by Kyle Hailey
A22 Introduction to DTrace by Kyle HaileyA22 Introduction to DTrace by Kyle Hailey
A22 Introduction to DTrace by Kyle Hailey
 
RAT - Repurposing Adversarial Tradecraft
RAT - Repurposing Adversarial TradecraftRAT - Repurposing Adversarial Tradecraft
RAT - Repurposing Adversarial Tradecraft
 

More from Sourav Roy

Network Protocol Analyzer
Network Protocol AnalyzerNetwork Protocol Analyzer
Network Protocol AnalyzerSourav Roy
 
Network Protocol Analyzer
Network Protocol AnalyzerNetwork Protocol Analyzer
Network Protocol AnalyzerSourav Roy
 
Proxy Servers
Proxy ServersProxy Servers
Proxy Servers
Sourav Roy
 
Network Protocol Analyzer
Network Protocol AnalyzerNetwork Protocol Analyzer
Network Protocol AnalyzerSourav Roy
 
Proxy Servers
Proxy ServersProxy Servers
Proxy Servers
Sourav Roy
 
By Nithin & group
By Nithin & groupBy Nithin & group
By Nithin & groupSourav Roy
 
Remote Login- Noesis
Remote Login- NoesisRemote Login- Noesis
Remote Login- NoesisSourav Roy
 
Ssh And Rlogin
Ssh And RloginSsh And Rlogin
Ssh And RloginSourav Roy
 
Project Sparsh
Project SparshProject Sparsh
Project SparshSourav Roy
 
Http Proxy Server
Http Proxy ServerHttp Proxy Server
Http Proxy ServerSourav Roy
 
Introduction To H1N1
Introduction To H1N1Introduction To H1N1
Introduction To H1N1Sourav Roy
 
Anabhra Ratri Ki Anupama
Anabhra Ratri Ki AnupamaAnabhra Ratri Ki Anupama
Anabhra Ratri Ki Anupama
Sourav Roy
 
Transmission Media
Transmission MediaTransmission Media
Transmission Media
Sourav Roy
 

More from Sourav Roy (14)

Network Protocol Analyzer
Network Protocol AnalyzerNetwork Protocol Analyzer
Network Protocol Analyzer
 
Network Protocol Analyzer
Network Protocol AnalyzerNetwork Protocol Analyzer
Network Protocol Analyzer
 
Proxy Servers
Proxy ServersProxy Servers
Proxy Servers
 
Network Protocol Analyzer
Network Protocol AnalyzerNetwork Protocol Analyzer
Network Protocol Analyzer
 
Proxy Servers
Proxy ServersProxy Servers
Proxy Servers
 
By Nithin & group
By Nithin & groupBy Nithin & group
By Nithin & group
 
Remote Login- Noesis
Remote Login- NoesisRemote Login- Noesis
Remote Login- Noesis
 
Ssh And Rlogin
Ssh And RloginSsh And Rlogin
Ssh And Rlogin
 
Project Sparsh
Project SparshProject Sparsh
Project Sparsh
 
Remote Login
Remote LoginRemote Login
Remote Login
 
Http Proxy Server
Http Proxy ServerHttp Proxy Server
Http Proxy Server
 
Introduction To H1N1
Introduction To H1N1Introduction To H1N1
Introduction To H1N1
 
Anabhra Ratri Ki Anupama
Anabhra Ratri Ki AnupamaAnabhra Ratri Ki Anupama
Anabhra Ratri Ki Anupama
 
Transmission Media
Transmission MediaTransmission Media
Transmission Media
 

Recently uploaded

Leading Change strategies and insights for effective change management pdf 1.pdf
Leading Change strategies and insights for effective change management pdf 1.pdfLeading Change strategies and insights for effective change management pdf 1.pdf
Leading Change strategies and insights for effective change management pdf 1.pdf
OnBoard
 
FIDO Alliance Osaka Seminar: Passkeys at Amazon.pdf
FIDO Alliance Osaka Seminar: Passkeys at Amazon.pdfFIDO Alliance Osaka Seminar: Passkeys at Amazon.pdf
FIDO Alliance Osaka Seminar: Passkeys at Amazon.pdf
FIDO Alliance
 
Dev Dives: Train smarter, not harder – active learning and UiPath LLMs for do...
Dev Dives: Train smarter, not harder – active learning and UiPath LLMs for do...Dev Dives: Train smarter, not harder – active learning and UiPath LLMs for do...
Dev Dives: Train smarter, not harder – active learning and UiPath LLMs for do...
UiPathCommunity
 
Empowering NextGen Mobility via Large Action Model Infrastructure (LAMI): pav...
Empowering NextGen Mobility via Large Action Model Infrastructure (LAMI): pav...Empowering NextGen Mobility via Large Action Model Infrastructure (LAMI): pav...
Empowering NextGen Mobility via Large Action Model Infrastructure (LAMI): pav...
Thierry Lestable
 
Builder.ai Founder Sachin Dev Duggal's Strategic Approach to Create an Innova...
Builder.ai Founder Sachin Dev Duggal's Strategic Approach to Create an Innova...Builder.ai Founder Sachin Dev Duggal's Strategic Approach to Create an Innova...
Builder.ai Founder Sachin Dev Duggal's Strategic Approach to Create an Innova...
Ramesh Iyer
 
Neuro-symbolic is not enough, we need neuro-*semantic*
Neuro-symbolic is not enough, we need neuro-*semantic*Neuro-symbolic is not enough, we need neuro-*semantic*
Neuro-symbolic is not enough, we need neuro-*semantic*
Frank van Harmelen
 
UiPath Test Automation using UiPath Test Suite series, part 3
UiPath Test Automation using UiPath Test Suite series, part 3UiPath Test Automation using UiPath Test Suite series, part 3
UiPath Test Automation using UiPath Test Suite series, part 3
DianaGray10
 
Elevating Tactical DDD Patterns Through Object Calisthenics
Elevating Tactical DDD Patterns Through Object CalisthenicsElevating Tactical DDD Patterns Through Object Calisthenics
Elevating Tactical DDD Patterns Through Object Calisthenics
Dorra BARTAGUIZ
 
Securing your Kubernetes cluster_ a step-by-step guide to success !
Securing your Kubernetes cluster_ a step-by-step guide to success !Securing your Kubernetes cluster_ a step-by-step guide to success !
Securing your Kubernetes cluster_ a step-by-step guide to success !
KatiaHIMEUR1
 
FIDO Alliance Osaka Seminar: The WebAuthn API and Discoverable Credentials.pdf
FIDO Alliance Osaka Seminar: The WebAuthn API and Discoverable Credentials.pdfFIDO Alliance Osaka Seminar: The WebAuthn API and Discoverable Credentials.pdf
FIDO Alliance Osaka Seminar: The WebAuthn API and Discoverable Credentials.pdf
FIDO Alliance
 
JMeter webinar - integration with InfluxDB and Grafana
JMeter webinar - integration with InfluxDB and GrafanaJMeter webinar - integration with InfluxDB and Grafana
JMeter webinar - integration with InfluxDB and Grafana
RTTS
 
From Siloed Products to Connected Ecosystem: Building a Sustainable and Scala...
From Siloed Products to Connected Ecosystem: Building a Sustainable and Scala...From Siloed Products to Connected Ecosystem: Building a Sustainable and Scala...
From Siloed Products to Connected Ecosystem: Building a Sustainable and Scala...
Product School
 
Bits & Pixels using AI for Good.........
Bits & Pixels using AI for Good.........Bits & Pixels using AI for Good.........
Bits & Pixels using AI for Good.........
Alison B. Lowndes
 
Key Trends Shaping the Future of Infrastructure.pdf
Key Trends Shaping the Future of Infrastructure.pdfKey Trends Shaping the Future of Infrastructure.pdf
Key Trends Shaping the Future of Infrastructure.pdf
Cheryl Hung
 
Essentials of Automations: Optimizing FME Workflows with Parameters
Essentials of Automations: Optimizing FME Workflows with ParametersEssentials of Automations: Optimizing FME Workflows with Parameters
Essentials of Automations: Optimizing FME Workflows with Parameters
Safe Software
 
Transcript: Selling digital books in 2024: Insights from industry leaders - T...
Transcript: Selling digital books in 2024: Insights from industry leaders - T...Transcript: Selling digital books in 2024: Insights from industry leaders - T...
Transcript: Selling digital books in 2024: Insights from industry leaders - T...
BookNet Canada
 
FIDO Alliance Osaka Seminar: FIDO Security Aspects.pdf
FIDO Alliance Osaka Seminar: FIDO Security Aspects.pdfFIDO Alliance Osaka Seminar: FIDO Security Aspects.pdf
FIDO Alliance Osaka Seminar: FIDO Security Aspects.pdf
FIDO Alliance
 
When stars align: studies in data quality, knowledge graphs, and machine lear...
When stars align: studies in data quality, knowledge graphs, and machine lear...When stars align: studies in data quality, knowledge graphs, and machine lear...
When stars align: studies in data quality, knowledge graphs, and machine lear...
Elena Simperl
 
DevOps and Testing slides at DASA Connect
DevOps and Testing slides at DASA ConnectDevOps and Testing slides at DASA Connect
DevOps and Testing slides at DASA Connect
Kari Kakkonen
 
Monitoring Java Application Security with JDK Tools and JFR Events
Monitoring Java Application Security with JDK Tools and JFR EventsMonitoring Java Application Security with JDK Tools and JFR Events
Monitoring Java Application Security with JDK Tools and JFR Events
Ana-Maria Mihalceanu
 

Recently uploaded (20)

Leading Change strategies and insights for effective change management pdf 1.pdf
Leading Change strategies and insights for effective change management pdf 1.pdfLeading Change strategies and insights for effective change management pdf 1.pdf
Leading Change strategies and insights for effective change management pdf 1.pdf
 
FIDO Alliance Osaka Seminar: Passkeys at Amazon.pdf
FIDO Alliance Osaka Seminar: Passkeys at Amazon.pdfFIDO Alliance Osaka Seminar: Passkeys at Amazon.pdf
FIDO Alliance Osaka Seminar: Passkeys at Amazon.pdf
 
Dev Dives: Train smarter, not harder – active learning and UiPath LLMs for do...
Dev Dives: Train smarter, not harder – active learning and UiPath LLMs for do...Dev Dives: Train smarter, not harder – active learning and UiPath LLMs for do...
Dev Dives: Train smarter, not harder – active learning and UiPath LLMs for do...
 
Empowering NextGen Mobility via Large Action Model Infrastructure (LAMI): pav...
Empowering NextGen Mobility via Large Action Model Infrastructure (LAMI): pav...Empowering NextGen Mobility via Large Action Model Infrastructure (LAMI): pav...
Empowering NextGen Mobility via Large Action Model Infrastructure (LAMI): pav...
 
Builder.ai Founder Sachin Dev Duggal's Strategic Approach to Create an Innova...
Builder.ai Founder Sachin Dev Duggal's Strategic Approach to Create an Innova...Builder.ai Founder Sachin Dev Duggal's Strategic Approach to Create an Innova...
Builder.ai Founder Sachin Dev Duggal's Strategic Approach to Create an Innova...
 
Neuro-symbolic is not enough, we need neuro-*semantic*
Neuro-symbolic is not enough, we need neuro-*semantic*Neuro-symbolic is not enough, we need neuro-*semantic*
Neuro-symbolic is not enough, we need neuro-*semantic*
 
UiPath Test Automation using UiPath Test Suite series, part 3
UiPath Test Automation using UiPath Test Suite series, part 3UiPath Test Automation using UiPath Test Suite series, part 3
UiPath Test Automation using UiPath Test Suite series, part 3
 
Elevating Tactical DDD Patterns Through Object Calisthenics
Elevating Tactical DDD Patterns Through Object CalisthenicsElevating Tactical DDD Patterns Through Object Calisthenics
Elevating Tactical DDD Patterns Through Object Calisthenics
 
Securing your Kubernetes cluster_ a step-by-step guide to success !
Securing your Kubernetes cluster_ a step-by-step guide to success !Securing your Kubernetes cluster_ a step-by-step guide to success !
Securing your Kubernetes cluster_ a step-by-step guide to success !
 
FIDO Alliance Osaka Seminar: The WebAuthn API and Discoverable Credentials.pdf
FIDO Alliance Osaka Seminar: The WebAuthn API and Discoverable Credentials.pdfFIDO Alliance Osaka Seminar: The WebAuthn API and Discoverable Credentials.pdf
FIDO Alliance Osaka Seminar: The WebAuthn API and Discoverable Credentials.pdf
 
JMeter webinar - integration with InfluxDB and Grafana
JMeter webinar - integration with InfluxDB and GrafanaJMeter webinar - integration with InfluxDB and Grafana
JMeter webinar - integration with InfluxDB and Grafana
 
From Siloed Products to Connected Ecosystem: Building a Sustainable and Scala...
From Siloed Products to Connected Ecosystem: Building a Sustainable and Scala...From Siloed Products to Connected Ecosystem: Building a Sustainable and Scala...
From Siloed Products to Connected Ecosystem: Building a Sustainable and Scala...
 
Bits & Pixels using AI for Good.........
Bits & Pixels using AI for Good.........Bits & Pixels using AI for Good.........
Bits & Pixels using AI for Good.........
 
Key Trends Shaping the Future of Infrastructure.pdf
Key Trends Shaping the Future of Infrastructure.pdfKey Trends Shaping the Future of Infrastructure.pdf
Key Trends Shaping the Future of Infrastructure.pdf
 
Essentials of Automations: Optimizing FME Workflows with Parameters
Essentials of Automations: Optimizing FME Workflows with ParametersEssentials of Automations: Optimizing FME Workflows with Parameters
Essentials of Automations: Optimizing FME Workflows with Parameters
 
Transcript: Selling digital books in 2024: Insights from industry leaders - T...
Transcript: Selling digital books in 2024: Insights from industry leaders - T...Transcript: Selling digital books in 2024: Insights from industry leaders - T...
Transcript: Selling digital books in 2024: Insights from industry leaders - T...
 
FIDO Alliance Osaka Seminar: FIDO Security Aspects.pdf
FIDO Alliance Osaka Seminar: FIDO Security Aspects.pdfFIDO Alliance Osaka Seminar: FIDO Security Aspects.pdf
FIDO Alliance Osaka Seminar: FIDO Security Aspects.pdf
 
When stars align: studies in data quality, knowledge graphs, and machine lear...
When stars align: studies in data quality, knowledge graphs, and machine lear...When stars align: studies in data quality, knowledge graphs, and machine lear...
When stars align: studies in data quality, knowledge graphs, and machine lear...
 
DevOps and Testing slides at DASA Connect
DevOps and Testing slides at DASA ConnectDevOps and Testing slides at DASA Connect
DevOps and Testing slides at DASA Connect
 
Monitoring Java Application Security with JDK Tools and JFR Events
Monitoring Java Application Security with JDK Tools and JFR EventsMonitoring Java Application Security with JDK Tools and JFR Events
Monitoring Java Application Security with JDK Tools and JFR Events
 

Tcpdump

  • 1. TCPDUMP THINK OF U LATER
  • 2. AGENDA  INTRO TO TCPDUMP.  DECIFERING A DATA PACKET.  BASIC USAGE.  INTERMEDIATE USAGE.  HACK-A-TACK…  REFERENCES.  ACKNOWLEDGEMENTS.
  • 3. TCPDUMP  It is an ip utility tool used for real-time packet sniffing(Network).  Command line program comes in built in a Unix based system.  Programs like ethereal(Wireshark) provide an alternative to Tcpdump in GUI environment.
  • 4. INTRO operating system used OPEN SYSTEM- UBUNTU 9.10 software used program version manner of installation TCPDUMP 4.0.0 PRE-INSTALLED document history version date changes 1.0.0 2004-04-14 -concieved - new document history scheme 1.0.1 2005-10-05 - minor corrections and some new examples
  • 5. DECIFERING A DATA PACKET Reference
  • 7. COMMAND LINE N OPTION Option Descriptions -i -Tells the interface we are using. -e -Gives the MAK address. -q -Stay quite rather than printing more info. -v -Stay verbous. -vv -Very verbous. -t -Remove time stamp. -l -Buffers one line at a time on output. -c -Count of packet to capture. -w -Write to a file then printing on screen. -r -Read the content of file.
  • 8. EXPRESSIONS  Negation.  Concatenation.  Alternation. Example: 1. #tcpdump –w hades.txt not port 22 2. # cat > filterfile dst host spider and "(udp or proto 51)" and not (src host peter or src host goblin)" Ctrl-D # tcpdump -F filterfile
  • 9. HACK-A-TACK STEPS: 1. Footprinting. 2. Scanning. 3. Hacking sys n OS. 4. Tools. 5. Ddos. 6. Hacking website.
  • 10. CONCLUSION  #tcpdump –qel |tee hades.txt -vv src host <ip_in_network> and "(udp or http)" and dst host <ip_of_server>  # tcpdump -i eth0 -nq not "(port 22 and host <ip_firewall>)" and not "(port 53 or 80 or 110 or 119 or 443)" and dst host <my_ip>  # tcpdump -i tun0 -nq and not port '(20 or 21 or 25 or 53 or 80 or 110 or 119 or 123 or 443)' and not icmp and src host <my_ip>
  • 13. REFERENCE Go back