Q. For my academic project I would like to monitor and analyze data transferred via HTTP. How do I monitor HTTP Packets?
A. The easiest way is to use the tcpdump command, which dumps traffic on a network. tcpdump prints the headers of packets on a network interface that match a given filter expression, for example traffic on port 80 for HTTP.
It can also be run with the -w flag, which saves the packet data to a file for later analysis, and/or with the -r flag, which reads packets from a saved packet file rather than from a network interface.
Type the following command at the shell prompt:
# tcpdump -n -i eth0 -s 0 -w output.txt src or dst port 80
Where,
- -n : Don't convert addresses (i.e., host addresses, port numbers, etc.) to names.
- -i eth0 : Specify the interface to capture data on.
- -s 0 : Snarf snaplen bytes of data from each packet rather than the default of 68. Setting it to 0 means use the required length to catch whole packets.
- -w output.txt : Save the raw packet data to the file output.txt.
- src or dst port 80 : Capture only packets whose source or destination port is 80.
Now open a browser, visit your site, and generate whatever other traffic you want to capture. When finished, stop tcpdump and analyze the data saved in output.txt. Despite its name, the file holds raw packet data rather than plain text, so read it back with the -r flag described above.
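As an added example (not part of the original article), the following Python script reads a capture file such as the output.txt written above and lists the HTTP request lines it contains. It assumes the classic pcap file format, an Ethernet interface, untagged IPv4, and a request line that starts a TCP segment (no stream reassembly); the function names and the sample packets are constructed for illustration.

```python
import struct
METHODS = {b"GET", b"POST", b"HEAD", b"PUT", b"DELETE", b"OPTIONS", b"PATCH"}

def http_requests(pcap, port=80):
    """Return (src_ip, dst_ip, request_line) for each HTTP request found."""
    # The magic number tells us the byte order the capturing host used.
    end = {b"\xd4\xc3\xb2\xa1": "<", b"\xa1\xb2\xc3\xd4": ">"}.get(pcap[:4])
    if end is None:
        raise ValueError("not a classic pcap file")
    if struct.unpack(end + "I", pcap[20:24])[0] != 1:
        raise ValueError("only Ethernet captures (link type 1) are handled")
    found, pos = [], 24                # records follow the 24-byte global header
    while pos + 16 <= len(pcap):
        caplen = struct.unpack(end + "I", pcap[pos + 8:pos + 12])[0]
        frame = pcap[pos + 16:pos + 16 + caplen]
        pos += 16 + caplen
        # Keep only untagged IPv4 (EtherType 0x0800) carrying TCP (protocol 6).
        if len(frame) < 34 or frame[12:14] != b"\x08\x00" or frame[23] != 6:
            continue
        tcp = frame[14 + (frame[14] & 0x0F) * 4:]   # skip the IP header (IHL words)
        if len(tcp) < 20 or port not in struct.unpack("!HH", tcp[:4]):
            continue
        payload = tcp[(tcp[12] >> 4) * 4:]          # skip TCP header and options
        line = payload.split(b"\r\n", 1)[0]
        if line.split(b" ", 1)[0] in METHODS and line.endswith((b" HTTP/1.0", b" HTTP/1.1")):
            src, dst = (".".join(map(str, frame[i:i + 4])) for i in (26, 30))
            found.append((src, dst, line.decode("latin-1")))
    return found

def _frame(sport, dport, payload):
    # Constructed Ethernet/IPv4/TCP frame; checksums are left at zero.
    tcp = struct.pack("!HHIIBBHHH", sport, dport, 1, 1, 0x50, 0x18, 65535, 0, 0)
    ip = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 40 + len(payload), 0, 0, 64, 6, 0,
                     bytes([192, 0, 2, 10]), bytes([192, 0, 2, 20]))
    return b"\x00" * 12 + b"\x08\x00" + ip + tcp + payload

def sample_pcap():
    """Constructed capture: a GET to port 80, a bare ACK, and a GET to port 8080."""
    frames = [_frame(40000, 80, b"GET /index.html HTTP/1.1\r\nHost: example.test\r\n\r\n"),
              _frame(40000, 80, b""),
              _frame(40001, 8080, b"GET /other HTTP/1.1\r\n\r\n")]
    out = struct.pack("<IHHiIII", 0xA1B2C3D4, 2, 4, 0, 0, 65535, 1)
    for f in frames:
        out += struct.pack("<IIII", 0, 0, len(f), len(f)) + f
    return out

if __name__ == "__main__":
    for src, dst, line in http_requests(sample_pcap()):
        print(src, "->", dst, line)
```

To run it on a real capture, pass the file contents instead of the sample: `http_requests(open("output.txt", "rb").read())`.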
I have Fedora Core 6.0 and an attached Samsung ML-1610 printer. Now I want to access that printer from Windows 2000 Professional. Should I access that printer or not? If yes, then how?
Thanks
The best HTTP sniffer I have ever seen on Linux is justniffer. It is able to produce logs like an Apache web server, and you can add all the other HTTP header fields.