SDB:Monitoring HTTP Packets


Version: 1 -

Situation

You want to monitor and analyze data transferred via HTTP.

Procedure

  1. Prerequisites:
    • If possible, eliminate accesses to the web server other than a test client.
    • The connection must be unencrypted so that the data can be analyzed.
    • Passwords are logged in plain text. If necessary, use a test account for the logins.
  2. Execute the following command in a root console:
       tcpdump -n -i eth0 -s 0 -w dump.out src or dst port 80
     Replace eth0 with the interface that carries the traffic.
  3. Start a client (browser) and reproduce the problem you want to monitor.
  4. Stop tcpdump by pressing CTRL+C.
  5. Examine the resulting file dump.out with any editor. Because the file is a binary capture, the readable HTTP text is mixed with many nonsensical characters.
    As an alternative approach, import the file into the program "ethereal", where right-clicking a packet and choosing "Follow TCP Stream" displays the TCP stream in a reader-friendly form.
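
The last step can also be scripted. The following is an added example, not part of the original article: it reads a capture such as dump.out with the Python standard library and prints each HTTP connection as readable text. It assumes a classic pcap file with Ethernet and IPv4 framing; the function names and the sample capture (including the test login) are constructed for illustration.

```python
import struct
from collections import defaultdict

def follow_streams(pcap, port=80):
    """Group TCP payloads of a classic pcap (Ethernet/IPv4) per connection."""
    end = {b"\xd4\xc3\xb2\xa1": "<", b"\xa1\xb2\xc3\xd4": ">"}.get(pcap[:4])
    if end is None:
        raise ValueError("not a classic pcap file")
    streams, off = defaultdict(list), 24          # skip the 24-byte file header
    while off + 16 <= len(pcap):
        incl_len = struct.unpack(end + "I", pcap[off + 8:off + 12])[0]
        frame = pcap[off + 16:off + 16 + incl_len]
        off += 16 + incl_len
        if len(frame) < 34 or frame[12:14] != b"\x08\x00" or frame[23] != 6:
            continue                               # keep only IPv4 carrying TCP
        tcp = 14 + (frame[14] & 0x0F) * 4          # IP header length varies
        if len(frame) < tcp + 20:
            continue                               # truncated TCP header
        ip_end = 14 + struct.unpack("!H", frame[16:18])[0]  # drops Ethernet padding
        sport, dport = struct.unpack("!HH", frame[tcp:tcp + 4])
        payload = frame[tcp + (frame[tcp + 12] >> 4) * 4:ip_end]
        if not payload:
            continue                               # bare SYN/ACK/FIN segments
        src = "%d.%d.%d.%d:%d" % (*frame[26:30], sport)
        dst = "%d.%d.%d.%d:%d" % (*frame[30:34], dport)
        key, who = ((src, dst), "client") if dport == port else ((dst, src), "server")
        text = "".join(ch if ch.isprintable() or ch in "\r\n" else "."
                       for ch in payload.decode("latin-1"))
        streams[key].append((who, text))           # capture order, no reassembly
    return dict(streams)

def make_frame(src, dst, sport, dport, payload):
    """Constructed Ethernet/IPv4/TCP frame for the demo; checksums left at zero."""
    tcp = struct.pack("!HHIIBBHHH", sport, dport, 0, 0, 0x50, 0x18, 8192, 0, 0) + payload
    ip = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 20 + len(tcp), 0, 0, 64, 6, 0, src, dst)
    return b"\x00" * 12 + b"\x08\x00" + ip + tcp

def sample_capture():
    """Constructed stand-in for dump.out: one test-account login and its reply."""
    c, s = bytes([192, 0, 2, 10]), bytes([192, 0, 2, 80])
    frames = [make_frame(c, s, 40000, 80, b"POST /login HTTP/1.1\r\nHost: test.example\r\n\r\nuser=test&pass=test123"),
              make_frame(s, c, 80, 40000, b"HTTP/1.1 200 OK\r\nContent-Length: 2\r\n\r\nok")]
    out = struct.pack("<IHHiIII", 0xA1B2C3D4, 2, 4, 0, 0, 65535, 1)
    for f in frames:
        out += struct.pack("<IIII", 0, 0, len(f), len(f)) + f
    return out

if __name__ == "__main__":
    for conn, parts in follow_streams(sample_capture()).items():
        print(conn, *("\n[%s]\n%s" % p for p in parts))
```

To run it against a real capture, pass `open("dump.out", "rb").read()` to `follow_streams`. The sample output shows the login password in clear text, which is why the prerequisites call for a test account.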

<keyword>tcpdump,apache,ethereal</keyword>