Wednesday, July 13, 2016

Using pcap to analyze network packets and troubleshoot web applications

If a web request is failing and returning an error status, you can monitor the responses on both the server side and the client side by watching the packets sent over the network. You can use tcpdump for this. If you want greater insight into what is happening on your network, capture the packets and analyze them with a network packet analyzer such as Wireshark.

Alternatively, you can use tcpdump itself to view the captured packets. First you need to generate a pcap file, which records the packets on your network and is a binary file. You then query that file with tcpdump or Wireshark to see what is happening on your network.

To generate the pcap file for monitoring, use the following command:

 tcpdump -i eth0 -s 65535 -w request.pcap  

To analyze the pcap file, use the following command:

 tcpdump -qns 0 -X -r request.pcap  

You should see the time of the request, the IP from which the request was received, your server IP, the protocol (TCP or UDP), and the packet information.
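Since the pcap file is binary, it helps to see what tcpdump is reading when it prints those fields. The following is an added example, not part of the original post: a small Python reader for the classic pcap layout that pulls out the timestamp, source IP, destination IP and protocol of each packet. The names `parse_pcap` and `build_sample` are hypothetical, the sample capture is constructed in memory, and the reader assumes an Ethernet capture (as from eth0) carrying IPv4.

```python
import socket
import struct

PROTOCOLS = {6: "tcp", 17: "udp"}

def parse_pcap(data):
    """Return (timestamp, src_ip, dst_ip, protocol, wire_length) per IPv4 packet."""
    magic = data[:4]
    if magic == b"\xd4\xc3\xb2\xa1":
        endian = "<"   # file written on a little-endian host
    elif magic == b"\xa1\xb2\xc3\xd4":
        endian = ">"   # file written on a big-endian host
    else:
        raise ValueError("not a classic pcap file")
    # Global header after the magic: version, timezone, sigfigs, snaplen, link type
    _, _, _, _, _, linktype = struct.unpack(endian + "HHiIII", data[4:24])
    if linktype != 1:
        raise ValueError("only Ethernet captures are handled in this example")
    rows, offset = [], 24
    while offset + 16 <= len(data):
        # Per-packet record header: seconds, microseconds, captured and original length
        ts_sec, ts_usec, incl_len, orig_len = struct.unpack(
            endian + "IIII", data[offset:offset + 16])
        frame = data[offset + 16:offset + 16 + incl_len]
        if len(frame) < incl_len:
            break      # capture file was cut off mid-packet
        offset += 16 + incl_len
        if len(frame) < 34 or frame[12:14] != b"\x08\x00":
            continue   # too short for an IPv4 header, or not IPv4
        ip = frame[14:34]
        proto = PROTOCOLS.get(ip[9], str(ip[9]))
        rows.append((ts_sec + ts_usec / 1e6, socket.inet_ntoa(ip[12:16]),
                     socket.inet_ntoa(ip[16:20]), proto, orig_len))
    return rows

def build_sample():
    """Constructed capture: one TCP packet from 192.0.2.10 to 198.51.100.5."""
    eth = bytes(12) + b"\x08\x00"
    ip = struct.pack(">BBHHHBBH4s4s", 0x45, 0, 40, 0, 0, 64, 6, 0,
                     socket.inet_aton("192.0.2.10"), socket.inet_aton("198.51.100.5"))
    tcp = struct.pack(">HHIIBBHHH", 51000, 80, 0, 0, 0x50, 0x02, 65535, 0, 0)
    frame = eth + ip + tcp
    header = struct.pack("<IHHiIII", 0xA1B2C3D4, 2, 4, 0, 0, 65535, 1)
    record = struct.pack("<IIII", 1468400000, 250000, len(frame), len(frame))
    return header + record + frame

if __name__ == "__main__":
    for row in parse_pcap(build_sample()):
        print(row)
```

To run it against the file captured above, pass the contents of request.pcap to `parse_pcap` instead of the constructed sample.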

