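Capturing packets with the snoop command on Solaris
阿新 • Published: 2018-12-09
(1) Capturing packets
Solaris ships with the snoop packet capture tool; run it with the appropriate options to capture traffic.
Capture packets whose destination address is 10.8.3.250 and store them in the file /opt/cap250: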
snoop -o /opt/cap250 host 10.8.3.250
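(2) Downloading the capture
Method 1: Use the scp command to transfer the test.cap file under / on the current device to the /mnt/hfs1 directory on the device with IP 10.8.12.90: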
-bash-3.2# scp /test.cap <user>@10.8.12.90:/mnt/hfs1/test.cap
The authenticity of host '10.8.12.90 (10.8.12.90)' can't be established.
RSA key fingerprint is ed:d6:cc:15:2b:15:c2:af:0f:c2:b0:4d:44:08:09:ca.
Are you sure you want to continue connecting (yes/no)? yes
Warning: Permanently added '10.8.12.90' (RSA) to the list of known hosts.
<user>@10.8.12.90's password:
test.cap 100% |************************************************************************| 18320 00:00
Method 2: Use SSH Secure File Transfer Client to download the file to the local machine.
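To confirm that a downloaded capture is intact and holds the expected traffic, the following added example (not part of the original post) parses the RFC 1761 file format that snoop -o writes and counts frames by direction relative to the filtered address; snoop's host primitive matches an address as either source or destination, so both directions are reported. It assumes an Ethernet capture with untagged IPv4 frames; the function names and the SAMPLE bytes are constructed for illustration.

```python
import socket
import struct

SNOOP_MAGIC = b"snoop\x00\x00\x00"  # RFC 1761 identification pattern
DLT_ETHERNET = 4                     # RFC 1761 datalink type for Ethernet

def read_snoop(buf):
    """Yield (timestamp, orig_len, drops, frame) for each record in a capture."""
    if buf[:8] != SNOOP_MAGIC:
        raise ValueError("not a snoop capture file")
    version, datalink = struct.unpack(">II", buf[8:16])
    if version != 2 or datalink != DLT_ETHERNET:
        raise ValueError("unsupported version or datalink type")
    off = 16
    while off + 24 <= len(buf):
        orig, incl, rec_len, drops, sec, usec = struct.unpack(">6I", buf[off:off + 24])
        if rec_len < 24 + incl or off + rec_len > len(buf):
            raise ValueError("truncated or corrupt record at offset %d" % off)
        yield sec + usec / 1e6, orig, drops, buf[off + 24:off + 24 + incl]
        off += rec_len  # record length covers header, data and padding

def ipv4_endpoints(frame):
    """Return (src, dst) for an untagged Ethernet/IPv4 frame, else None."""
    if len(frame) < 34 or frame[12:14] != b"\x08\x00":
        return None
    return socket.inet_ntoa(frame[26:30]), socket.inet_ntoa(frame[30:34])

def summarize(buf, host):
    """Count frames by direction relative to host and report capture drops."""
    stats = {"to": 0, "from": 0, "other": 0, "drops": 0}
    for _ts, _orig, drops, frame in read_snoop(buf):
        stats["drops"] = drops  # cumulative counter, so the last value wins
        ends = ipv4_endpoints(frame)
        if ends and ends[1] == host:
            stats["to"] += 1
        elif ends and ends[0] == host:
            stats["from"] += 1
        else:
            stats["other"] += 1
    return stats

def _record(src, dst, drops=0):  # constructed sample record, not real traffic
    ip = b"\x45" + bytes(11) + socket.inet_aton(src) + socket.inet_aton(dst)
    frame = bytes(12) + b"\x08\x00" + ip
    pad = -len(frame) % 4
    return struct.pack(">6I", len(frame), len(frame), 24 + len(frame) + pad, drops, 0, 0) + frame + bytes(pad)

SAMPLE = (SNOOP_MAGIC + struct.pack(">II", 2, DLT_ETHERNET)
          + _record("10.8.12.90", "10.8.3.250") + _record("10.8.3.250", "10.8.12.90"))
```

For a real file, pass open(path, "rb").read() and the filtered address to summarize; a nonzero "drops" value means the capture itself lost packets.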