cdp by using tcpdump

If you do not have a cdp command available on your linux server, then tcpdump can be used instead. $ sudo tcpdump -nn -v -s 1500 -c 1 ‘ether[20:2] == 0x2000’ -i eth0 tcpdump: listening on bond1, link-type EN10MB (Ethernet), capture size 1500 bytes 08:53:01.946674 CDPv2, ttl: 180s, checksum: 692 (unverified), length 254 Device-ID (0x01), […]

Read More

Listen to network traffic using tcpdump

Please note that you have to be the root user to use this command because it puts the network card in promiscuous mode. # tcpdump -i eth0 -A -s 0 udp port 1514 and host The example above command listens on port 1514 which is the port ossec-hids uses on its secure communication between […]

Read More