Tcpdump HTTP headers

On a host with many virtual sites and no centralized logging, getting an idea of which site is being hammered too hard can be tedious / impossible.

Instead of looking at the logs, why not look at the traffic at real time:

tcpdump -s 1500 -v -A -c100 dst port 80  | grep Host

This will show the hosts being requested through HTTP.

Leave a Reply

Your email address will not be published. Required fields are marked *