SNIFFING TRAFFIC
It is recommended to wrap capture filters in single quotes to avoid problems with spaces and bash expansion.
#step 1: list available interfaces
root@dco:~$ sudo tshark -D
1. ens5
2. lo (Loopback)
3. any
4. bluetooth-monitor
5. nflog
* TShark requires superuser privileges to sniff live traffic and list all available interfaces.
#step 2: sniff traffic
root@dco:~$ sudo tshark
* Not specifying the sniffing interface is similar to using the command:
sudo tshark -i 1
- 1 specifies the first available interface on the system.
#step 1: list available interfaces
root@dco:~$ sudo tshark -D
1. ens5
2. lo (Loopback)
3. any
4. bluetooth-monitor
5. nflog
* TShark requires superuser privileges to sniff live traffic and list all available interfaces.
#step 2: sniff traffic
root@dco:~$ sudo tshark -w fullPacketCapture.pcapng
* Not specifying the sniffing interface is similar to using the command:
sudo tshark -i 1
- 1 specifies the first available interface on the system.
#sniff the traffic, stop after 2 seconds, and save the dump into 5 files of 5kb each.
#step 1: list available interfaces
root@dco:~$ sudo tshark -D
1. ens5
2. lo (Loopback)
3. any
4. bluetooth-monitor
5. nflog
* TShark requires superuser privileges to sniff live traffic and list all available interfaces.
#step 2: sniff traffic
root@dco:~$ sudo tshark -w autostop-demo.pcap -a duration:2 -a filesize:5 -a files:5
* Not specifying the sniffing interface is similar to using the command:
sudo tshark -i 1
- 1 specifies the first available interface on the system.
# List the contents of the current folder.
root@dco:~$ ls
-rw------- 1 ubuntu ubuntu autostop-demo_..1_2022.pcap
-rw------- 1 ubuntu ubuntu autostop-demo_..2_2022.pcap
-rw------- 1 ubuntu ubuntu autostop-demo_..3_2022.pcap
-rw------- 1 ubuntu ubuntu autostop-demo_..4_2022.pcap
-rw------- 1 ubuntu ubuntu autostop-demo_..5_2022.pcap
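The quoting advice and the interface listing above, combined in one script. This is an added example, not part of the original page: the capture filter, its addresses and the function names `pick_iface`, `count_args`, `quoted_argc`, `unquoted_argc` and `capture` are assumptions made for illustration, and the sample `tshark -D` output is constructed to match the listing above.

```shell
#!/bin/sh
# Added example. Constructed `tshark -D` output, same shape as the listing above.
SAMPLE_IFACES='1. ens5
2. lo (Loopback)
3. any
4. bluetooth-monitor
5. nflog'

# Constructed capture filter (BPF syntax); the addresses are placeholders.
FILTER='tcp port 443 and (host 10.0.0.5 or host 10.0.0.6)'

# Read `tshark -D` output on stdin and print the first real NIC by name,
# skipping loopback, "any" and the monitor/log pseudo-interfaces.
pick_iface() {
    sed -E 's/^[0-9]+\. //; s/ \(.*$//' |
        grep -Ev '^(lo|any|nflog|nfqueue|bluetooth.*|dbus-.*)$' |
        head -n 1
}

# Print how many arguments a command would receive.
count_args() { echo "$#"; }

# Quoted: -f plus the whole filter as ONE argument.
quoted_argc() { count_args -f "$FILTER"; }

# Unquoted: the shell splits the filter on spaces, so only "tcp" would follow
# -f and the remaining words become stray arguments. Typed literally
# without quotes, the parentheses would be a shell syntax error as well.
unquoted_argc() { count_args -f $FILTER; }

# Capture by interface name rather than index, with the filter quoted and the
# autostop conditions used on this page. Needs tshark and sudo; not run here.
capture() {
    iface=$(sudo tshark -D | pick_iface)
    [ -n "$iface" ] || { echo "no capture interface found" >&2; return 1; }
    sudo tshark -i "$iface" -f "$FILTER" -w autostop-demo.pcap \
        -a duration:2 -a filesize:5 -a files:5
}

printf 'interface=%s quoted_argc=%s unquoted_argc=%s\n' \
    "$(printf '%s\n' "$SAMPLE_IFACES" | pick_iface)" \
    "$(quoted_argc)" "$(unquoted_argc)"
```

Run as is, the script only prints the parsed interface and the two argument counts; call `capture` on a host with TShark installed to start the filtered capture.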