Quick how to on capturing HTTP headers using tcpdump on a web server (running Linux).
- On the web server, issue the following command
[bash] tcpdump -s 1024 -C 1024000 -w /tmp/httpcapture dst port 80 [/bash]
- Stop the capture by issuing the break command (ctrl + c)
- Open the capture file (httpcapture in this example) in wireshark and check out the headers under theĀ the HTTP protocol
justniffer http://justniffer.sourceforge.net/
Thx for sharing this link..