Last active
March 23, 2022 03:54
-
-
Save i2tsuki/7018567f61cda0b2a70c7ec623ffea4a to your computer and use it in GitHub Desktop.
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # Operation memo | |
| ## Server Operation | |
| ### TCPdump | |
| ```bash | |
| # 128 MB で分割 | |
| tcpdump port 22 -t -n -w ./2020-06-02T1100.pcap -C 128 -W 10 | |
| # 1 分ごとに rotate | |
| tcpdump -A dst host 10.0.0.1 or dst host 10.0.0.2 -t -n -w ./2020-10-10T11%M%S.pcap -G 60 | |
| # 1 時間ごとに rotate | |
| tcpdump port 8080 -t -n -w ./%Y-%m-%dT%H%M.pcap -G 3600 -W 10 | |
| # pcap ファイル 読み込み | |
| tcpdump -t -r ./2020-06-02T1100.pcap | grep 'Flags \[S\]' | cut -d' ' -f 2 | sed -e 's/\.[0-9][0-9]*//g' | sort | uniq -c | |
| ``` |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment