A tcpdump Tutorial with Examples from https://danielmiessler.com/p/tcpdump


50 ways to isolate traffic for cybersecurity, network administration, and other technical roles

[Figure: The TCP/IP Header]

UPDATED: August 27, 2023

Table of Contents

  1. Introduction
    • Overview of tcpdump
    • Basics of traffic isolation
  2. Getting Started with tcpdump
    • Viewing traffic on an interface
    • Viewing HTTPS traffic
    • Limiting packets
  3. Information Security Examples
    • Capturing credentials
    • Monitoring suspicious domain traffic
    • SMB Traffic
    • Capturing TCP RESET-ACK Packets
  4. Filtering & Searching Traffic
    • Filtering by IP
    • Filtering by Source/Destination
    • Filtering by Network
    • Filtering by Port
  5. Common Options in tcpdump
    • Overview of key options
  6. Advanced Techniques
    • Combinations of filters: AND, OR, EXCEPT
    • Isolating TCP Flags
    • Raw output view
  7. Everyday Recipe Examples
    • Capturing HTTP User Agents
    • Identifying cleartext passwords
    • Finding traffic with the “Evil Bit”
  8. Reading/Writing to PCAP files
    • Writing to a file
    • Reading from a file
