So the simple “ls” command is one we use often but like many nix commands you may not delve into it other than basic usage. ls -1 is interesting as it gives a directory list in one column of text – this can be great if you want to pipe it into a search or another collection of commands.
ls -1
3245
340598
453.tx
asdf
bb.txt
d9e8rh.txt
qwer
sdfew.sh
ls -f is also useful as it creates a sorted list
ls -f
ls -f
3245 453.tx bb.txt qwer
340598 asdf d9e8rh.txt sdfew.sh
Combining the 2 commands is also possible ls -f -1
On one level the above is fairly simple stuff, but it’s the combination of these lego like commands that suddenly become very useful and powerful over time.
So I have a number of journals one of which I call “Spells” ! It’s just a collection of scripts commands etc. But for years now I’ve been thinking about putting together some short snappy articles about each of them – so finally hear we go!
Tcpdump is a “data-network packet analyser computer program” What does it do? It lets you look at network traffic and see what is coming into and out of your computer.
Typically this can be useful if you want to see what is going on with a particular application (it might be a web server or a mail server – you might want to look at DNS traffic).
Usage is fairly straight forward
ie “sudo tcpdump” Will give you pretty much everything coming in and going out of the machine. It’s interesting to run this and if you look closely you can get an idea of web page construction – live connectivity all sorts of interesting stuff. But it is sometimes a lot of information (use control command key combination to stop the session).
sudo tcpdump port 53 Will give you an idea of whats going on with regards DNS If your running a web server “sudo tcpdump port 80” or “sudo tcpdump port 443” will give you a good picture of whats going on.
It’s even useful just to see if the network is up – for example you can bring up a couple of terminal windows “sudo tcpdump icmp” in one window and “ping 8.8.4.4” in another, will give you feedback like this and indeed prove that your computer is infact on the interweb!
Tcpdump and icmp running in seperate terminal windowss!
If you want to actually capture data to a file try something like this “sudo tcpdump -s 0 -w dumpfile host 8.8.8.8” and then “ping 8.8.8.8” that will create a packet dump in a format that can be read via tcpdump or something like wireshark if you want to view things in a GUI.
Although this is just a basic introduction to packet tracing, tcpdump is the grandaddy of all packet tracers and it’s a good skill to have.
One word of warning though, is that you should not run tcpdump on a network that is not yours! Ie check if your doing this at work, as in some situations it could be considered not appropriate or verging on hacking. Use with caution!
So the simple “ls” command is one we use often but like many nix commands you may not delve into it other than basic usage. ls -1 is interesting as it gives a directory list in one column of text – this can be great if you want to pipe it into a search or another collection of commands.
