{"id":98,"date":"2025-07-16T15:15:22","date_gmt":"2025-07-16T06:15:22","guid":{"rendered":"http:\/\/34.64.61.65\/?p=98"},"modified":"2025-07-16T15:15:22","modified_gmt":"2025-07-16T06:15:22","slug":"tcpdump-directory-issue","status":"publish","type":"post","link":"https:\/\/hed-g.me\/?p=98","title":{"rendered":"tcpdump directory issue"},"content":{"rendered":"\n

tcpdump directory issue: \/usr\/sbin\/tcpdump<\/h1>\n\n\n\n

\ub098\uac19\uc740 \uacbd\uc6b0\uc5d0\ub294 cuckoo sandbox\ub97c \uc0ac\uc6a9\ud558\uae30 \uc704\ud574 tcpdump\uac00 \ud544\uc694\ud588\uace0…<\/p>\n\n\n\n

\ub2e4\ub978 \uc774\uc720\ub85c\ub3c4 tcpdump\uac00 \ud544\uc694\ud55c \ubd84\ub4e4\uc774 \uc788\uaca0\uc9c0\ub9cc \uc544\ubb34\ud2bc \ucd5c\uc2e0 \ubc84\uc804\uc758 \ubb38\uc81c\uc778\uc9c0 \ubab0\ub77c\ub3c4 \uacc4\uc18d \uc5d0\ub7ec \ubc1c\uc0dd.<\/p>\n\n\n\n

\uadfc\ub370 \uc5b4\uca50\uc9c0 \uadf8 \uc5d0\ub7ec\ub4e4\uc774 \uac00\ub974\ud0a4\ub294 \ubc29\ud5a5\ub4e4\uc774 \ubaa8\ub450 directory \uc774\uc288\ub77c.<\/p>\n\n\n\n

\uc0c1\ud669\uc740 \uc774\ub807\ub2e4.<\/p>\n\n\n\n

$ sudo aa-disable \/usr\/sbin\/tcpdump<\/code><\/pre>\n\n\n\n
\uc640 \uac19\uc774 \uc785\ub825\ud574\ub3c4<\/p>\n\n\n\n
Profile for \/usr\/sbin\/tcpdump not found, skipping<\/code><\/pre>\n\n\n\n
\n\n\n\n
$ sudo setcap cap_net_raw,cap_net_admin=eip \/usr\/sbin\/tcpdump<\/code><\/pre>\n\n\n\n
\uc640 \uac19\uc774 \uc785\ub825\ud574\ub3c4.<\/p>\n\n\n\n
\"Failed to set capabilities on file `\/usr\/sbin\/tcpdump' (No such file or directory)\nThe value of the capability argument is not permitted for a file. Or the file is not a regular (non-symlink) file<\/code><\/pre>\n\n\n\n
\uc5d0\ub7ec\uac00 \ub098\ub2c8 \ub2e4\uc74c\uc73c\ub85c \uc9c4\ud589\ud560 \uc218 \uc5c6\ub2e4…<\/p>\n\n\n\n
Solution:<\/p>\n\n\n\n
\uc5b4\ub835\uac8c \uc0dd\uac01\ud560 \ud544\uc694\uc5c6\uc774 tcpdump\uc640 \uad00\ub828\ub41c \ub450 \uba85\ub839\uc5d0\uc11c \ud78c\ud2b8\uac00 \uc788\ub2e4.<\/p>\n\n\n\n
\uc6b0\ub9ac\uac00 \uc785\ub825\ud55c \uadf8\ub7f0 directory\uac00 \uc5c6\ub2e4\uace0 \ud558\ub2c8 \uc9c4\uc9dc tcpdump\uac00 \uc5b4\ub528\ub294\uc9c0 \ud655\uc778\ud558\ub294 \uac83.<\/p>\n\n\n\n
$ which tcpdump<\/code><\/pre>\n\n\n\n
\ub97c \uc785\ub825\ud558\uba74 \uc544\ub9c8\ub3c4 \ub098\uc640 \uac19\uc740 \uc774\uc288\uc77c\uacbd\uc6b0…<\/p>\n\n\n\n
\/usr\/bin\/tcpdump<\/code><\/pre>\n\n\n\n
\ub77c\uace0 \ubc18\ud658\ud560 \uac83\uc774\ub2e4.<\/p>\n\n\n\n
\uadf8\ub7ec\ub2c8 \uc704\uc758 \uba85\ub839\ub4e4\uc758 directory\ub4e4\uc744 \ubaa8\ub450 \ubc18\ud658\uac12\uc73c\ub85c \ubc14\uafd4\uc8fc\uba74 \ub41c\ub2e4.<\/p>\n\n\n\n
\uc608\ub97c \ub4e4\uc5b4:<\/p>\n\n\n\n
$ sudo setcap cap_net_raw,cap_net_admin=eip \/usr\/bin\/tcpdump<\/code><\/pre>\n","protected":false},"excerpt":{"rendered":"
tcpdump directory issue: \/usr\/sbin\/tcpdump \ub098\uac19\uc740 \uacbd\uc6b0\uc5d0\ub294 cuckoo sandbox\ub97c \uc0ac\uc6a9\ud558\uae30 \uc704\ud574 tcpdump\uac00 \ud544\uc694\ud588\uace0… \ub2e4\ub978 \uc774\uc720\ub85c\ub3c4 tcpdump\uac00 \ud544\uc694\ud55c \ubd84\ub4e4\uc774 \uc788\uaca0\uc9c0\ub9cc \uc544\ubb34\ud2bc \ucd5c\uc2e0 \ubc84\uc804\uc758 \ubb38\uc81c\uc778\uc9c0 \ubab0\ub77c\ub3c4 \uacc4\uc18d \uc5d0\ub7ec \ubc1c\uc0dd. \uadfc\ub370 \uc5b4\uca50\uc9c0 \uadf8 \uc5d0\ub7ec\ub4e4\uc774 \uac00\ub974\ud0a4\ub294 \ubc29\ud5a5\ub4e4\uc774 \ubaa8\ub450 directory \uc774\uc288\ub77c. \uc0c1\ud669\uc740 \uc774\ub807\ub2e4. \uc640 \uac19\uc774 \uc785\ub825\ud574\ub3c4 \uc640 \uac19\uc774 \uc785\ub825\ud574\ub3c4. \uc5d0\ub7ec\uac00 \ub098\ub2c8 \ub2e4\uc74c\uc73c\ub85c \uc9c4\ud589\ud560 \uc218 \uc5c6\ub2e4… Solution: \uc5b4\ub835\uac8c \uc0dd\uac01\ud560 \ud544\uc694\uc5c6\uc774 tcpdump\uc640 \uad00\ub828\ub41c […]<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"_jetpack_memberships_contains_paid_content":false,"footnotes":""},"categories":[57],"tags":[139,63,59],"class_list":["post-98","post","type-post","status-publish","format-standard","hentry","category-network","tag-network","tag-tcp-ip","tag-59"],"jetpack_featured_media_url":"","jetpack_sharing_enabled":true,"_links":{"self":[{"href":"https:\/\/hed-g.me\/index.php?rest_route=\/wp\/v2\/posts\/98","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/hed-g.me\/index.php?rest_route=\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/hed-g.me\/index.php?rest_route=\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/hed-g.me\/index.php?rest_route=\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/hed-g.me\/index.php?rest_route=%2Fwp%2Fv2%2Fcomments&post=98"}],"version-history":[{"count":1,"href":"https:\/\/hed-g.me\/index.php?rest_route=\/wp\/v2\/posts\/98\/revisions"}],"predecessor-version":[{"id":149,"href":"https:\/\/hed-g.me\/index.php?rest_route=\/wp\/v2\/posts\/98\/revisions\/149"}],"wp:attachment":[{"href":"https:\/\/hed-g.me\/index.php?rest_route=%2Fwp%2Fv2%2Fmedia&parent=98"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/hed-g.me\/index.php?rest_route=%2Fwp%2Fv2%2Fcategories&post=98"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/hed-g.me\/index.php?rest_route=%2Fwp%2Fv2%2Ftags&post=98"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}