Thursday, June 23, 2011

Command to see CDP packets and identify the cisco switch and port your machine is connected to

# tcpdump -nn -vvv -i eth0 -s 1500 -c 1 'ether[20:2] == 0x2000'
Posted by at

1 comment:

Anonymous said...

This will indeed work but can match non CDP packets.

I'm using 'ether[12:2] <= 1500 && ether[14:2] == 0xAAAA ether[16:1] == 0x03 ether[17:2] == 0x0000 ether[19:1] == 0x0C ether[20:2] == 0x2000' for the filter which is much more selective.

June 23, 2011 at 9:44 PM

Post a Comment

Subscribe to: Post Comments (Atom)