반응형
아래 명령 예시처럼 수행하면, tcp syn과 reset 패킷을 확인할 수 있다.
$ tcpdump -i enp1s0 -nN "tcp[tcpflags] == tcp-syn or tcp[tcpflags] == tcp-rst"
16:55:16.516453 IP 65.49.1.10.42458 > 112.169.87.89.87: Flags [S], seq 3730493766, win 65535, length 0
16:55:19.755480 IP 140.99.191.218.57246 > 112.169.89.88.26720: Flags [S], seq 417367123, win 1024, length 0
16:55:19.960898 IP 140.99.191.218.57246 > 112.169.89.88.26720: Flags [R], seq 417367124, win 1200, length 0
16:55:19.991267 IP 185.11.61.225.44794 > 112.169.89.88.38956: Flags [S], seq 163297978, win 1024, length 0
16:55:20.146215 IP 185.11.61.225.44794 > 112.169.89.88.38956: Flags [R], seq 163297979, win 1200, length 0
16:55:38.865833 IP 140.99.191.218.57246 > 112.169.89.88.19331: Flags [S], seq 523253283, win 1024, length 0
'Network' 카테고리의 다른 글
VPN/IPsec, Netfilter Packet Flow 스터디 자료 모음 (0) | 2023.09.06 |
---|---|
TCP/IP Network (0) | 2023.08.01 |
10G L3 Switch 장비 추천 (NEXTU 3424GL3-10G) (3) | 2023.04.13 |
Linux Networking Control with C language, Golang (Netfilter, Netlink) (0) | 2023.03.03 |
CISCO ACI(Application Centric Infra), APIC and Kubernetes (0) | 2022.07.19 |