Description: In this video you can learn how to use the tshark command-line utility for capturing traffic.
tshark: TShark is a network protocol analyzer. It lets you capture packet data from a live network, or read packets from a previously saved capture file, either printing a decoded form of those packets to the standard output or writing the packets to a file. TShark's native capture file format is libpcap format, which is also the format used by tcpdump and various other tools.
http://www.wireshark.org/docs/man-pages/tshark.html
SYNOPSIS
tshark [ -a <capture autostop condition> ] ... [ -b <capture ring buffer option> ] ... [ -B <capture buffer size> ] [ -c <capture packet count> ] [ -C <configuration profile> ] [ -d <layer type>==<selector>,<decode-as protocol> ] [ -D ] [ -e <field> ] [ -E <field print option> ] [ -f <capture filter> ] [ -F <file format> ] [ -h ] [ -i <capture interface>|- ] [ -I ] [ -K <keytab> ] [ -l ] [ -L ] [ -n ] [ -N <name resolving flags> ] [ -o <preference setting> ] ... [ -p ] [ -q ] [ -r <infile> ] [ -R <read (display) filter> ] [ -s <capture snaplen> ] [ -S ] [ -t ad|a|r|d|dd|e ] [ -T pdml|psml|ps|text|fields ] [ -v ] [ -V ] [ -w <outfile>|- ] [ -x ] [ -X <eXtension option> ] [ -y <capture link type> ] [ -z <statistics> ] [ <capture filter> ]
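As an added example (not from the original page or the Wireshark project), the Python code below reads a file in the libpcap format mentioned above and prints a one-line decode per packet, which is the "read a saved capture and print it" mode in miniature. It assumes the classic microsecond-resolution layout and Ethernet/IPv4 frames; the sample capture bytes, addresses and function names are constructed for illustration.

```python
import struct

def build_sample_pcap():
    """Constructed sample: one Ethernet/IPv4/UDP frame in a little-endian pcap."""
    udp = struct.pack("!HHHH", 40000, 53, 12, 0) + b"test"
    ip = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 20 + len(udp), 1, 0, 64, 17, 0,
                     bytes([192, 0, 2, 10]), bytes([192, 0, 2, 53]))
    frame = bytes.fromhex("ffffffffffff0200000000010800") + ip + udp
    ghdr = struct.pack("<IHHiIII", 0xA1B2C3D4, 2, 4, 0, 0, 65535, 1)  # linktype 1 = Ethernet
    rhdr = struct.pack("<IIII", 1700000000, 250000, len(frame), len(frame))
    return ghdr + rhdr + frame

def read_pcap(data):
    """Return (linktype, [(timestamp, captured_bytes, original_length), ...]).
    The byte order of the magic number gives the writer's endianness."""
    if len(data) < 24:
        raise ValueError("truncated global header")
    endian = {b"\xd4\xc3\xb2\xa1": "<", b"\xa1\xb2\xc3\xd4": ">"}.get(data[:4])
    if endian is None:
        raise ValueError("not a microsecond-resolution libpcap file")
    linktype = struct.unpack(endian + "I", data[20:24])[0]
    packets, off = [], 24
    while off < len(data):
        if off + 16 > len(data):
            raise ValueError("truncated record header")
        sec, usec, incl, orig = struct.unpack(endian + "IIII", data[off:off + 16])
        off += 16
        if off + incl > len(data):  # never trust a length field from the file
            raise ValueError("record runs past end of file")
        packets.append((sec + usec / 1e6, data[off:off + incl], orig))
        off += incl
    return linktype, packets

def summarize(frame):
    """One-line decode of an Ethernet/IPv4 TCP or UDP frame, else a fallback."""
    if len(frame) < 34 or frame[12:14] != b"\x08\x00":
        return "non-IPv4 frame, %d bytes" % len(frame)
    proto, l4 = frame[23], frame[14 + (frame[14] & 0x0F) * 4:]
    src = ".".join(map(str, frame[26:30]))
    dst = ".".join(map(str, frame[30:34]))
    if proto in (6, 17) and len(l4) >= 4:
        sport, dport = struct.unpack("!HH", l4[:4])
        return "%s:%d -> %s:%d %s" % (src, sport, dst, dport, {6: "TCP", 17: "UDP"}[proto])
    return "%s -> %s proto %d" % (src, dst, proto)

if __name__ == "__main__":
    linktype, packets = read_pcap(build_sample_pcap())
    for ts, frame, orig in packets:
        print("%.6f %s" % (ts, summarize(frame)))
```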
Tags: tshark, packets, capture, network
Looks like interesting things we can do using this tool. Every Wireshark product is best.
Wireshark is the GUI version of tshark.