==tcpdump In order to listen all packets from/to host 10.1.1.1, we could use {{{ tcpdump -n host 10.1.1.1 #from/to host 10.1.1.1 tcpdump -n src host 10.1.1.1 #from host 10.1.1.1 tcpdump -n dst host 10.1.1.1 #to host 10.1.1.1 }}} In order to listen all packets through specific network interface, we could use {{{ tcpdump -n -i eth0 #network interface eth0 }}} The parameter //-n// is used to avoid converting addresses (i.e., host address, port numbers, etc) to names. We could also use {{{ tcpdump -n net 1.2.3.0/24 #capture an entire networking using CIDR notation tcpdump -n port 22 #capture packets through port 23 tcpdump -n dst port 22 tcpdump -n tcp #capture all tcp packets tcpdump -n tcp port 22 tcpdump -n "icmp or arp" #capture either ICMP or ARP packets }}} ==Netcat If we want to send a message to host 10.1.1.1 with port number **6666**, we could use {{{ echo 'Hello World' | nc 10.1.1.1 6666 }}} We could also use it to start a server, say we want to listen on port **2000** and send some text back, we could use {{{ nc -l 2000 -e /usr/bin/cat #on Linux nc -l 2000 #on Mac OS }}} Now, we could connect to the server {{{ nc localhost 2000 # and then we can type whatever we want }}} === References #[[http://www.rationallyparanoid.com/articles/tcpdump.html|Tcpdump usage examples]] #[[https://danielmiessler.com/study/tcpdump/|A tcpdump Primer with Examples]] #[[http://www.debian-administration.org/article/58/Netcat_The_TCP/IP_Swiss_army_knife|Netcat: The TCP/IP Swiss army knife]]