I've looked throughout the website and couldn't pin down an answer, so here it goes.
I am in a lab group and we are working with tcpdump syntax and filters. We did the prelab, but in the book we are unable to find exact answers to two of the questions.
1. Write the syntax of a tcpdump command that captures packets containing IP datagrams between two hosts with IP addresses 10.0.1.11 and 10.0.1.12, both on interface eth1. My guess is:
tcpdump -n -i host 10.0.1.11 and 10.0.1.12
but I'm probably wrong... and
2. Write a tcpdump filter expression that captures packets containing TCP segments with a source or destination IP address equal to 10.0.1.12. My guess for that one is:
tcpdump -n host 10.0.1.12 and TCP
If anyone knows, please respond.
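
Added example, not part of the original post: a Python model of which packets the filter expressions `ip and host 10.0.1.11 and host 10.0.1.12` and `tcp and host 10.0.1.12` select, run over constructed frames. The tcpdump forms in the comments use standard options and pcap-filter primitives; the function names and sample frames are made up for illustration.

```python
import socket
import struct

# Command forms modelled below (standard tcpdump / pcap-filter syntax):
#   Q1: tcpdump -n -i eth1 ip and host 10.0.1.11 and host 10.0.1.12
#   Q2: tcp and host 10.0.1.12   (a bare "host" also matches ARP, hence "ip" in Q1)
ETH_IP, ETH_ARP = 0x0800, 0x0806
PROTO_TCP, PROTO_UDP = 6, 17

def frame(ethertype, src="0.0.0.0", dst="0.0.0.0", proto=0):
    """Build a constructed Ethernet frame; IPv4 gets a minimal 20-byte header."""
    eth = b"\x02" * 6 + b"\x04" * 6 + struct.pack("!H", ethertype)
    if ethertype != ETH_IP:
        return eth + b"\x00" * 28  # filler payload, never inspected
    ip = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 40, 0, 0, 64, proto, 0,
                     socket.inet_aton(src), socket.inet_aton(dst))
    return eth + ip + b"\x00" * 20  # placeholder transport header

def parse(raw):
    """Return (ethertype, proto, src, dst); last three are None unless IPv4."""
    ethertype = struct.unpack("!H", raw[12:14])[0]
    if ethertype != ETH_IP:
        return ethertype, None, None, None
    return (ethertype, raw[23],
            socket.inet_ntoa(raw[26:30]), socket.inet_ntoa(raw[30:34]))

def q1_between_hosts(raw, a="10.0.1.11", b="10.0.1.12"):
    """Model of: ip and host a and host b."""
    ethertype, _, src, dst = parse(raw)
    return ethertype == ETH_IP and a in (src, dst) and b in (src, dst)

def q2_tcp_host(raw, h="10.0.1.12"):
    """Model of: tcp and host h (h may be source or destination)."""
    ethertype, proto, src, dst = parse(raw)
    return ethertype == ETH_IP and proto == PROTO_TCP and h in (src, dst)

SAMPLES = {  # constructed frames, not captured traffic
    "tcp 11->12": frame(ETH_IP, "10.0.1.11", "10.0.1.12", PROTO_TCP),
    "udp 12->11": frame(ETH_IP, "10.0.1.12", "10.0.1.11", PROTO_UDP),
    "tcp 12->13": frame(ETH_IP, "10.0.1.12", "10.0.1.13", PROTO_TCP),
    "arp": frame(ETH_ARP),
}

def selected(pred):
    return [name for name, raw in SAMPLES.items() if pred(raw)]

if __name__ == "__main__":
    print("Q1:", selected(q1_between_hosts))
    print("Q2:", selected(q2_tcp_host))
```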