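17. Simple Packet Capture from DOS
# Sometimes all you need is a simple packet capture!
# When Wireshark is not available, this is a simple command
# that can capture packets from the Windows command prompt.
# Using it is simplicity itself, too!
- Runs in a CMD window started with administrator privileges
# Source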
https://www.elifulkerson.com/projects/rawsniff.php
# Option
```
Usage: rawsniff.exe [options]

Note: Must be administrator due to raw socket restrictions.
      Also, antivirus may complain that you're opening a raw socket.
      IPv4 only.

Options:
 -?             Get this help screen
 -v             Display version information
 --listen X     Listen on specified IP address (otherwise choose from list)

Types of packets:
 --tcp          Display TCP matches
 --udp          Display UDP matches
 --icmp         Display ICMP matches
 --other        Display matches for other protocols

Output options:
 --brief        Display brief (single line) packet information (default)
 --data         Brief mode, including readable ASCII data payloads
 --list         Display a list of packet information
 --full         Display the full list of packet information
 --gag          No output to console
 --pcap         Write out a timestamp.pcap file in the current directory. (libpcap format)
 --packets X    Program exits after certain count of matching packets are displayed
                (default is 2,147,483,647)

Filter:
 --ip X         Match packets with this IP in either src_ip or dst_ip
 --port X       Match packets with this IP in either src_port or dst_port
 --src_ip X     If specified, display packets with a given src_ip only
 --dst_ip X     If specfied, display packets with a given dst_ip only
 --src_port X   If specified, display packets with a given src_port only
 --dst_port X   If specified, display packets with a given dst_port only
 --nopid        Disable the process info display, which is on by default.
 --pid X        If specified, display packets that belong to a given Process ID only
 --process X    If specified, display packets that belong to a given Process name only
```
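The `--pcap` option writes a libpcap file, so a capture can still be reviewed on a machine without Wireshark. The following is an added example, not part of the original post or of rawsniff: a standard-library Python reader that counts packets per flow. It assumes the file is classic libpcap with link type RAW (101) or Ethernet (1), which the page does not state; the helper names and the sample addresses are constructed for illustration.

```python
import socket
import struct
from collections import Counter

PROTO = {1: "icmp", 6: "tcp", 17: "udp"}  # anything else is reported as "other"

def read_pcap(buf):  # yields (linktype, packet_bytes) from classic libpcap bytes
    end = {b"\xd4\xc3\xb2\xa1": "<", b"\xa1\xb2\xc3\xd4": ">"}.get(buf[:4])
    if end is None or len(buf) < 24:
        raise ValueError("not a classic (microsecond) libpcap file")
    linktype = struct.unpack(end + "I", buf[20:24])[0]
    off = 24
    while off + 16 <= len(buf):
        incl = struct.unpack(end + "I", buf[off + 8:off + 12])[0]
        if off + 16 + incl > len(buf):
            break  # truncated last record, e.g. capture was interrupted
        yield linktype, buf[off + 16:off + 16 + incl]
        off += 16 + incl

def parse_ipv4(linktype, data):  # -> (proto, src, sport, dst, dport) or None
    if linktype == 1 and data[12:14] == b"\x08\x00":
        data = data[14:]  # LINKTYPE_ETHERNET carrying IPv4: strip 14-byte header
    elif linktype != 101:  # LINKTYPE_RAW: record starts at the IP header
        return None
    if len(data) < 20 or (data[0] >> 4) != 4 or (data[0] & 0x0F) < 5:
        return None
    ihl = (data[0] & 0x0F) * 4
    proto, sport, dport = data[9], None, None
    frag_off = struct.unpack("!H", data[6:8])[0] & 0x1FFF
    if proto in (6, 17) and frag_off == 0 and len(data) >= ihl + 4:
        sport, dport = struct.unpack("!HH", data[ihl:ihl + 4])  # first fragment only
    src, dst = socket.inet_ntoa(data[12:16]), socket.inet_ntoa(data[16:20])
    return PROTO.get(proto, "other"), src, sport, dst, dport

def summarize(buf):  # packet count per (proto, src, sport, dst, dport)
    return Counter(r for r in (parse_ipv4(lt, d) for lt, d in read_pcap(buf)) if r)

def build_ip(proto, l4, src="192.0.2.10", dst="198.51.100.5"):  # constructed packet
    return struct.pack("!BBHHHBBH4s4s", 0x45, 0, 20 + len(l4), 0, 0, 64, proto, 0,
                       socket.inet_aton(src), socket.inet_aton(dst)) + l4

def sample_pcap(linktype=101):  # constructed capture, not real rawsniff output
    pkts = [build_ip(6, struct.pack("!HH", 50000, 443) + bytes(16))] * 2
    pkts += [build_ip(17, struct.pack("!HHHH", 53000, 53, 8, 0)), build_ip(1, bytes(8))]
    out = struct.pack("<IHHiIII", 0xA1B2C3D4, 2, 4, 0, 0, 65535, linktype)
    for p in pkts:
        out += struct.pack("<IIII", 1500000000, 0, len(p), len(p)) + p
    return out
```

For a real capture, pass the file contents: `summarize(open(path, "rb").read())`, where `path` is the timestamp-named `.pcap` file written to the current directory.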