A Beginners Guide to tcpdump | Search for a title, author or keyword | ||||||||
A Beginners Guide to tcpdump Andy Wagoner. In order to successfully sniff packets you need to be on a LAN that is connected to a hub or a switch that has port mirroring enabled. When using packet sniffing tools, keep in mind that there are distinct differences between a hub and switch, which can make your packet sniffing experience a difficult one if you don’t understand them. First, the hub does not know how to route the traffic. Second, a switch knows to accept traffic on a specific port(s). The network traffic is not broadcast to all computers that are connected to it. If you want to sniff traffic from a switch, you must first enable port mirroring. This configures the switch to “duplicate” the traffic and send it to the specified port enabling a sniffer to gather information.
|
|||||||||
A Beginners Guide to tcpdump | Disclaimer: this link points to content provided by other sites. |