Arief Yudhawarman

Still learning to make a blog

Archive for April 2010

tcpdump and wireshark for network sniffing


tcpdump is a packet sniffer. It captures the traffic that passes through a machine. It operates at the packet level, meaning that it captures the actual packets that flow in and out of your computer. It can save the packets to a file, and you can save whole packets or only the headers. Later you can “play” the recorded file and apply different filters to the packets, telling tcpdump to ignore the packets you are not interested in seeing.

Under the hood, tcpdump understands protocols and host names. It will do all in its power to see what host sent each packet and will tell you its name instead of the IP address.

It is an exceptionally useful tool for debugging what might have caused a networking-related problem. It is also an excellent tool for learning new things.
Reference: TCP Dump For Dummies
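To make the "whole packets or only the headers" and "replay with a filter" points concrete, here is an added example (not code from the original post) that writes and reads the classic pcap file format that `tcpdump -w` produces. The function names, addresses and sample frames are constructed for illustration; the snapshot length plays the role of tcpdump's `-s` option and the port filter stands in for a `tcpdump -r` filter expression.

```python
import io
import socket
import struct

PCAP_HDR = struct.Struct("<IHHiIII")  # magic, version major/minor, tz, sigfigs, snaplen, linktype
REC_HDR = struct.Struct("<IIII")      # ts_sec, ts_usec, captured length, original length
MAGIC = 0xA1B2C3D4                    # classic pcap, microsecond timestamps

def frame(src, dst, sport, dport, payload):
    """Build a constructed Ethernet/IPv4/TCP frame (checksums left at zero)."""
    eth = bytes(12) + b"\x08\x00"
    ip = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 40 + len(payload), 0, 0, 64, 6, 0,
                     socket.inet_aton(src), socket.inet_aton(dst))
    tcp = struct.pack("!HHIIBBHHH", sport, dport, 0, 0, 0x50, 0x18, 8192, 0, 0)
    return eth + ip + tcp + payload

def write_pcap(frames, snaplen):
    """Save frames as a capture with the given snapshot length would store them."""
    out = io.BytesIO()
    out.write(PCAP_HDR.pack(MAGIC, 2, 4, 0, 0, snaplen, 1))  # linktype 1 = Ethernet
    for i, f in enumerate(frames):
        kept = f[:snaplen]  # bytes beyond snaplen are never written to the file
        out.write(REC_HDR.pack(i, 0, len(kept), len(f)) + kept)
    return out.getvalue()

def read_pcap(data, dport=None):
    """Replay a capture, optionally keeping only one TCP destination port."""
    magic, _, _, _, _, _, linktype = PCAP_HDR.unpack_from(data, 0)
    if magic != MAGIC or linktype != 1:
        raise ValueError("expected a little-endian Ethernet pcap file")
    pos, rows = PCAP_HDR.size, []
    while pos + REC_HDR.size <= len(data):
        _, _, caplen, origlen = REC_HDR.unpack_from(data, pos)
        pkt = data[pos + REC_HDR.size: pos + REC_HDR.size + caplen]
        pos += REC_HDR.size + caplen
        if len(pkt) < 34 or pkt[12:14] != b"\x08\x00" or pkt[23] != 6:
            continue  # truncated, not IPv4, or not TCP
        tcp_off = 14 + (pkt[14] & 0x0F) * 4
        if len(pkt) < tcp_off + 4:
            continue  # snaplen cut the TCP ports off
        sp, dp = struct.unpack_from("!HH", pkt, tcp_off)
        if dport is None or dp == dport:
            rows.append((socket.inet_ntoa(pkt[26:30]), sp,
                         socket.inet_ntoa(pkt[30:34]), dp, caplen, origlen))
    return rows

# Constructed sample traffic (documentation addresses from 192.0.2.0/24).
SAMPLE = [
    frame("192.0.2.10", "192.0.2.80", 40000, 80, b"GET / HTTP/1.0\r\n\r\n"),
    frame("192.0.2.10", "192.0.2.53", 40001, 53, b"x" * 10),
]
```

With a snapshot length of 54 only the Ethernet, IP and TCP headers are stored, so the HTTP request text in the first sample frame never reaches the file, while the record still reports the original length of 72 bytes.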

Written by awarmanf

April 29, 2010 at 9:45 am

Posted in Linux, sniffing
