What command would you use to save a packet... PCAP format?

Post author:InfraExam
Post category:Blog
Post published:November 17, 2023
Reading time:1 mins read
Post last modified:June 12, 2024

What command would you use to save a packet capture in PCAP format?

sudo tcpdump -s 0 -n >evidence.pcap
sudo tcpdump -s 0 -n >>evidence.pcap
sudo tcpdump -s 0 -n -w evidence.pcap
sudo tcpdump -s 0 -n --writeevidence.pcap

Explanation & Hint:

The command you would use to save a packet capture in PCAP format is:

sudo tcpdump -s 0 -n -w evidence.pcap

The -w option is used to specify the output file in PCAP format, and in this case, it’s named “evidence.pcap.” This command captures network traffic, and the captured packets are written to the specified file in PCAP format.

What command would you use to save a packet capture in PCAP format?

For more Questions and Answers:

Endpoints and Systems Post-Assessment | CBROPS