Monday, June 29, 2015
monitoring Cubesats with SDR dongle.
This is an interesting use for SDR, which I've wanted to look into for a while.
https://plus.google.com/+hackaday/posts/KWSRTq323YB
http://hackaday.com/2015/06/29/easy-way-to-listen-to-cube-sats/
http://soldersmoke.blogspot.com/2015/06/back-with-sats-catching-cubes-with.html
https://www.arrl.org/files/file/Technology/tis/info/pdf/ab18-16.pdf
http://www.heavens-above.com/AmateurSats.aspx
https://youtu.be/fKDlVyhDnEs
http://www.funcubedongle.com/
dos environment on arm processors
I have enough arm systems around to start playing with x86 system emulation to run a few systems hosted on arm boxes.
Things aren't going well, so there will be some notes here.
Hard disk doesn't work for some reason with qemu
Running Dos 622 on qemu
https://h3g3m0n.wordpress.com/2007/03/17/qemu-for-dos-abandonware-under-linux/
running windows 9.x on qemu
http://www.vogons.org/viewtopic.php?t=17324
running arch linux on qemu
https://wiki.archlinux.org/index.php/QEMU
Changing floppy disks on qemu
http://lists.gnu.org/archive/html/qemu-devel/2005-08/msg00119.html
Ctrl-Alt-2 (to start the monitor screen)
eject fda
change fda /path/to/new/floppy_image
Ctrl-Alt-1
Thursday, June 11, 2015
tcpdump crib sheet
How to implement max file size limits and “log rotation” with tcpdump
Writing this down so I don’t forget.
The issue: You need to collect a packet capture for an extended amount of time but don’t want it to consume too much disk space.
The solution: Use the following tcpdump syntax:
tcpdump port 25 -s 0 -vvv -C 100 -W 50 -w /tmp/example.pcap
- -s 0 tells tcpdump to collect the entire packet contents.
- -vvv enables verbose logging/details (which among other things will give us a running total on how many packets are captured).
- -C 100 tells tcpdump to store up to 100 MB of packet data per file.
- -W 50 tells tcpdump to store up to 50 rollover files (example.pcap00, example.pcap01 … example.pcap49 at which point it would start over)
- -w /tmp/example.pcap tells tcpdump where to write the files. Important note on this: since tcpdump will be creating new files dynamically, this destination directory needs to be an area where it can create new files (for example /tmp).
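A preflight for the rotating capture above, added here as an example (it is not part of the original crib sheet, and the function names are made up for illustration). It checks that the destination can hold the whole ring before capture starts and lists the ring files in true chronological order; it relies on tcpdump(1) defining the -C unit as 1,000,000 bytes.

```shell
#!/bin/sh
# Added example: preflight and read-back helpers for a tcpdump -C/-W ring.
# Function names are illustrative; nothing here runs tcpdump itself.

# Worst-case disk use in bytes. The -C unit is 1,000,000 bytes, not 1 MiB.
ring_bytes() {  # $1 = -C value, $2 = -W value
    echo $(( $1 * 1000000 * $2 ))
}

# Free bytes on the filesystem that holds directory $1 (POSIX df format).
free_bytes() {
    kb=$(df -Pk "$1" | awk 'NR == 2 { print $4 }')
    echo $(( kb * 1024 ))
}

# Succeeds only if $1 is a writable directory with room for the full ring.
# Run it as the user tcpdump writes files as (see -Z in tcpdump(1)).
preflight() {  # $1 = directory, $2 = -C value, $3 = -W value
    [ -d "$1" ] && [ -w "$1" ] || { echo "cannot write to $1" >&2; return 1; }
    need=$(ring_bytes "$2" "$3")
    have=$(free_bytes "$1")
    [ "$have" -ge "$need" ] || { echo "need $need bytes, have $have" >&2; return 2; }
}

# List ring files oldest first. Once the ring wraps, example.pcap00 can be
# newer than example.pcap49, so sort by modification time, not by suffix.
ring_files_by_age() {  # $1 = the path that was given to -w
    ls -tr "$1"[0-9]* 2>/dev/null
}

# Usage with the values from the command above:
#   preflight /tmp 100 50 && \
#     tcpdump port 25 -s 0 -vvv -C 100 -W 50 -w /tmp/example.pcap
#   ring_files_by_age /tmp/example.pcap
```

With -C 100 -W 50 the ring can grow to 5,000,000,000 bytes, so the destination needs at least that much free space.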
Tcpdump usage examples
October 1, 2014
See the list of interfaces on which tcpdump can listen:
tcpdump -D
Listen on interface eth0:
tcpdump -i eth0
Listen on any available interface (cannot be done in promiscuous mode. Requires Linux kernel 2.2 or greater):
tcpdump -i any
Be verbose while capturing packets:
tcpdump -v
Be more verbose while capturing packets:
tcpdump -vv
Be very verbose while capturing packets:
tcpdump -vvv
Be verbose and print the data of each packet in both hex and ASCII, excluding the link level header:
tcpdump -v -X
Be verbose and print the data of each packet in both hex and ASCII, also including the link level header:
tcpdump -v -XX
Be less verbose (than the default) while capturing packets:
tcpdump -q
Limit the capture to 100 packets:
tcpdump -c 100
Record the packet capture to a file called capture.cap:
tcpdump -w capture.cap
Record the packet capture to a file called capture.cap but display on-screen how many packets have been captured in real-time:
tcpdump -v -w capture.cap
Display the packets of a file called capture.cap:
tcpdump -r capture.cap
Display the packets using maximum detail of a file called capture.cap:
tcpdump -vvv -r capture.cap
Display IP addresses and port numbers instead of domain and service names when capturing packets (note: on some systems you need to specify -nn to display port numbers):
tcpdump -n
Capture any packets where the destination host is 192.168.1.1. Display IP addresses and port numbers:
tcpdump -n dst host 192.168.1.1
Capture any packets where the source host is 192.168.1.1. Display IP addresses and port numbers:
tcpdump -n src host 192.168.1.1
Capture any packets where the source or destination host is 192.168.1.1. Display IP addresses and port numbers:
tcpdump -n host 192.168.1.1
Capture any packets where the destination network is 192.168.1.0/24. Display IP addresses and port numbers:
tcpdump -n dst net 192.168.1.0/24
Capture any packets where the source network is 192.168.1.0/24. Display IP addresses and port numbers:
tcpdump -n src net 192.168.1.0/24
Capture any packets where the source or destination network is 192.168.1.0/24. Display IP addresses and port numbers:
tcpdump -n net 192.168.1.0/24
Capture any packets where the destination port is 23. Display IP addresses and port numbers:
tcpdump -n dst port 23
Capture any packets where the destination port is between 1 and 1023 inclusive. Display IP addresses and port numbers:
tcpdump -n dst portrange 1-1023
Capture only TCP packets where the destination port is between 1 and 1023 inclusive. Display IP addresses and port numbers:
tcpdump -n tcp dst portrange 1-1023
Capture only UDP packets where the destination port is between 1 and 1023 inclusive. Display IP addresses and port numbers:
tcpdump -n udp dst portrange 1-1023
Capture any packets with destination IP 192.168.1.1 and destination port 23. Display IP addresses and port numbers:
tcpdump -n "dst host 192.168.1.1 and dst port 23"
Capture any packets with destination IP 192.168.1.1 and destination port 80 or 443. Display IP addresses and port numbers:
tcpdump -n "dst host 192.168.1.1 and (dst port 80 or dst port 443)"
Capture any ICMP packets:
tcpdump -v icmp
Capture any ARP packets:
tcpdump -v arp
Capture either ICMP or ARP packets:
tcpdump -v "icmp or arp"
Capture any packets that are broadcast or multicast:
tcpdump -n "broadcast or multicast"
Capture 500 bytes of data for each packet rather than the default of 68 bytes:
tcpdump -s 500
Capture all bytes of data within the packet:
tcpdump -s 0