Mittwoch, 17. Juli 2013

CDP Protokoll Informationen mit TCPDUMP Auslesen

Über den Terminal:

sudo tcpdump -nn -vvv -i eth0 -s 1500 -c 1 'ether[20:2] == 0x2000'



Ein paar Sekunden bis 1 min. warten bis ein CDP Paket gefischt wird.

Output:
tcpdump: listening on eth0, link-type EN10MB (Ethernet), capture size 1500 bytes
15:47:22.861467 CDPv2, ttl: 180s, checksum: 692 (unverified), length 477
    Device-ID (0x01), length: 34 bytes: 'MGT_LAN_C2960C-LL_18.mgmt.fhooe.at'
    Version String (0x05), length: 251 bytes:
      Cisco IOS Software, C2960C Software (C2960c405-UNIVERSALK9-M), Version 12.2(55)EX3, RELEASE SOFTWARE (fc2)
      Technical Support: http://www.cisco.com/techsupport
      Copyright (c) 1986-2011 by Cisco Systems, Inc.
      Compiled Wed 10-Aug-11 06:40 by prod_rel_team
    Platform (0x06), length: 21 bytes: 'cisco WS-C2960C-8TC-S'
    Address (0x02), length: 13 bytes: IPv4 (1) 10.1.1.18    Port-ID (0x03), length: 18 bytes: 'GigabitEthernet0/1'
    Capability (0x04), length: 4 bytes: (0x00000028): L2 Switch, IGMP snooping
    Protocol-Hello option (0x08), length: 32 bytes:
    VTP Management Domain (0x09), length: 14 bytes: 'mgmt.fhooe.vtp'
    Native VLAN ID (0x0a), length: 2 bytes: 110
    Duplex (0x0b), length: 1 byte: full
    AVVID trust bitmap (0x12), length: 1 byte: 0x00
    AVVID untrusted ports CoS (0x13), length: 1 byte: 0x00
    Management Addresses (0x16), length: 13 bytes: IPv4 (1) 10.1.1.18
    unknown field type (0x1a), length: 12 bytes:
      0x0000:  0000 0001 0000 0000 ffff ffff
1 packet captured
1 packet received by filter
0 packets dropped by kernel
roland@pcmgmt228:~$ sudo tcpdump -nn -vvv -i eth0 -s 1500 -c 1 'ether[20:2] == 0

Keine Kommentare:

Kommentar veröffentlichen