Hi beautiful folks,
I am extremely new to cyber security and IT. I am doing the module Introduction to Network Analysis and I am stuck on a few questions (yes, I did try many times). I would highly appreciate it if you guys could help me, please. Thank you in advance.
Q1) If I wish to start a capture without hostname resolution, verbose output, showing contents in ASCII and hex, and grab the first 100 packets; what are the switches used? Please answer in the order the switches are asked for in the question.
Q2) Given the capture file at /tmp/capture.pcap, what tcpdump command will enable you to read from the capture and show the output contents in Hex and ASCII? (Please use best practices when using switches)
Q3) What TCPDump switch will allow us to pipe the contents of a pcap file out to another function such as ‘grep’?
Q4)How do you start a capture with TCPDump to capture on eth0?