- Products
- Learn
- Local User Groups
- Partners
-
More
Celebrate the New Year
With CheckMates!
Value of Security
Vendor Self-Awareness
Join Us for CPX 360
23-24 February 2021
Important certificate update to CloudGuard Controller, CME,
and Azure HA Security Gateways
How to Remediate Endpoint & VPN
Issues (in versions E81.10 or earlier)
Mobile Security
Buyer's Guide Out Now
Important! R80 and R80.10
End Of Support around the corner (May 2021)
I have 750 applications checkpoint
And go to the cli from putty
I won't to run tcpdump and save the file on my local pc
Like:
Tcpdump c:\checkpoint
How i can save it?
Thanks
So if i won't to wireshark the trafic
I can't do this with 750?
Packet captures require storage space, which the 750 does not have a lot of. For anything more than a few minutes, you will probably need to have a MicroSD card installed to write the packet captures to.
A command line like:
tcpdump -i LAN1 -w /mnt/sd/capture.pcap
would write the pcap file to the MicroSD storage.
To copy the files off the appliance using WinSCP, you need to enable the bash user as described here: https://supportcenter.checkpoint.com/supportcenter/portal?eventSubmit_doGoviewsolutiondetails=&solut...
You can record all your work within Putty.
That said, you can run tcpdump without output to the file (just print to the screen) and then just copy and paste from putty session log file.
Thanks jt's work.
But i can't open the file in WIRESHARK.
The file don't match.
Another question
How i can run TCPDUMP for all the lan
I have 3 different lan
I run the script
TCPDUMP -i lan1
And i get only the traffic on lan1
If I want to get all 3 lan in the log
What i need to write?
Thanks
In fact, there is a way how to monitor all traffic via tcpdump:
tcpdump -i any <YOUR_FILTER>
This will scan all interfaces (included VLANs) to match your filter settings.
Or just duplicate windows and perform tcpdump on separated interfaces in each session.
About CheckMates
Learn Check Point
Advanced Learning
WELCOME TO THE FUTURE OF CYBER SECURITY