You are reviewing packets captured by a co-worker. The traffic is from a Linux server that hosts private customer data, and your job is to analyze the content for potential security risks.

The .pcap file appears to be a bit small for what you wanted. (It contains traffic to and from the target system during a given time period.) Some of that traffic is shown below.

You suspect that only SSH traffic is represented in this capture, which was done with tcpdump.

What command do you think your co-worker used to capture only SSH traffic?
tcpdump port 22


tcpdump -i eth0


tcpdump -p 21


tcpdump port 21

All Answers 1

Answered by GPT-5 mini AI
tcpdump port 22

Reason: SSH uses TCP port 22, so the filter "port 22" captures SSH traffic. (If you wanted to be explicit about protocol: "tcp port 22".)
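To check the suspicion that a capture holds only SSH traffic, the following added example (not part of the question or the answer above) walks a classic pcap file and lists every packet that a `tcp port 22` filter would not have matched. It assumes a little-endian pcap with Ethernet link type and IPv4 only; the function names, addresses and sample packets are constructed for illustration.

```python
import struct

PCAP_HDR = struct.Struct("<IHHiIII")  # magic, ver major, ver minor, tz, sigfigs, snaplen, linktype
REC_HDR = struct.Struct("<IIII")      # ts_sec, ts_usec, incl_len, orig_len

def make_frame(proto, sport, dport):
    """Constructed Ethernet/IPv4 frame with a minimal TCP (6) or UDP (17) header."""
    l4 = struct.pack("!HH", sport, dport) + bytes(16 if proto == 6 else 4)
    ip = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 20 + len(l4), 0, 0, 64, proto, 0,
                     bytes([192, 0, 2, 10]), bytes([192, 0, 2, 20]))
    return bytes(12) + b"\x08\x00" + ip + l4

def make_pcap(frames):
    # Build an in-memory capture so the example runs offline.
    out = PCAP_HDR.pack(0xA1B2C3D4, 2, 4, 0, 0, 65535, 1)  # linktype 1 = Ethernet
    for f in frames:
        out += REC_HDR.pack(0, 0, len(f), len(f)) + f
    return out

def non_ssh_packets(pcap, port=22):
    """Return (index, proto, sport, dport) for packets 'tcp port 22' would not match."""
    magic, *_, linktype = PCAP_HDR.unpack_from(pcap, 0)
    if magic != 0xA1B2C3D4 or linktype != 1:
        raise ValueError("expected little-endian pcap with Ethernet link type")
    off, idx, odd = PCAP_HDR.size, 0, []
    while off + REC_HDR.size <= len(pcap):
        _, _, incl, _ = REC_HDR.unpack_from(pcap, off)
        start = off + REC_HDR.size
        frame = pcap[start:start + incl]
        off = start + incl
        idx += 1
        if len(frame) < 34 or frame[12:14] != b"\x08\x00":
            odd.append((idx, None, None, None))   # not IPv4 (ARP, IPv6) or truncated
            continue
        ihl, proto = (frame[14] & 0x0F) * 4, frame[23]
        l4 = frame[14 + ihl:14 + ihl + 4]
        if proto not in (6, 17) or len(l4) < 4:
            odd.append((idx, proto, None, None))  # e.g. ICMP, no port numbers
            continue
        sport, dport = struct.unpack("!HH", l4)
        if proto != 6 or port not in (sport, dport):
            odd.append((idx, proto, sport, dport))
    return odd

# Constructed sample captures: one SSH-only, one with FTP control and DNS mixed in.
CLEAN = make_pcap([make_frame(6, 51514, 22), make_frame(6, 22, 51514)])
MIXED = make_pcap([make_frame(6, 51514, 22), make_frame(6, 40000, 21), make_frame(17, 5353, 53)])
```

An empty result is consistent with a capture taken through a port 22 filter; for a file on disk, pass its raw bytes to `non_ssh_packets` (pcapng files are not handled).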