tcpdump
tcpdump is a common computer network debugging tool that runs under the command line. It allows the user to intercept and display TCP/IP and other packets being transmitted or received over a network to which the computer is attached. It was originally written by Van Jacobson, Craig Leres and Steven McCanne who were, at the time, working in the Lawrence Berkeley Laboratory Network Research Group.
 
Distributed under a permissive free software licence,[1] tcpdump is free software.
 

tricks & filters
 
hint nr. 1
RTFM !!
 
hint nr. 2
tcpdump -n -i eth0
the option -n: do not convert addresses (i.e., host addresses) to names.
Your sniffing workstation does not make any DNS lookups.
 
hint nr. 3
tcpdump -nn -i eth0
the option -nn: don't convert addresses (i.e., host addresses, port numbers, etc.) to names.
Your sniffing workstation does not make any DNS lookups, and ports are shown as numbers, not names.
 
hint nr. 4
tcpdump -vttttnnel -i eth0
produces output that is convenient for scripts that process it.
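As an added example (not part of the packetlevel.ch page and not tcpdump's own code), here is a small POSIX shell/awk script that turns the output of tcpdump -vttttnnel into one record per packet. Two details matter when scripting against this output: -l makes stdout line-buffered, so a pipeline sees each packet as soon as it is captured, and -v prints each IPv4 packet over two lines (the link/IP header line, then an indented transport line), so a line-oriented parser has to join the continuation line before it can read the addresses. The SAMPLE text below is constructed to look like tcpdump output; it is not a real capture.

```shell
#!/bin/sh
# Added example: parse "tcpdump -vttttnnel" output into one summary line per packet.
# Flags as used on this page: -tttt full date+time stamp, -nn no host/port name
# lookups, -e link-layer (MAC) addresses, -l line-buffered stdout, -v IP header detail.
# SAMPLE is constructed for this example, not captured traffic.
SAMPLE='2008-03-08 12:34:56.123456 00:11:22:33:44:55 > 66:77:88:99:aa:bb, ethertype IPv4 (0x0800), length 74: (tos 0x0, ttl 64, id 4242, offset 0, flags [DF], proto TCP (6), length 60)
    192.168.1.10.54321 > 10.0.0.5.80: Flags [S], seq 1, win 29200, length 0
2008-03-08 12:34:56.234567 66:77:88:99:aa:bb > 00:11:22:33:44:55, ethertype IPv4 (0x0800), length 98: (tos 0x0, ttl 64, id 7, offset 0, flags [none], proto UDP (17), length 84)
    10.0.0.5.53 > 192.168.1.10.40000: 1234 1/0/0 A 10.0.0.9 (56)'

# summarize: read tcpdump -vttttnne output on stdin and print, per packet:
#   <date> <time> <src_mac> <dst_mac> <proto> <src_ip:port> <dst_ip:port>
summarize() {
  awk '
    # A line starting with a date opens a new packet: flush the previous one.
    /^[0-9][0-9][0-9][0-9]-/ {
      if (hdr != "") emit(hdr, body)
      hdr = $0; body = ""; next
    }
    # Indented lines are the -v continuation and belong to the current packet.
    /^[ \t]/ { body = body $0; next }
    END { if (hdr != "") emit(hdr, body) }

    # emit: pull the fields out of a joined header line + transport line.
    function emit(h, b,   f, g, proto) {
      split(h, f, " ")           # f[1]=date f[2]=time f[3]=src MAC f[4]=">" f[5]="dst MAC,"
      sub(/,$/, "", f[5])
      proto = "?"
      if (match(h, /proto [A-Z]+/)) proto = substr(h, RSTART + 6, RLENGTH - 6)
      split(b, g, " ")           # g[1]=src ip.port g[2]=">" g[3]="dst ip.port:"
      print f[1], f[2], f[3], f[5], proto, ipport(g[1]), ipport(g[3])
    }

    # ipport: rewrite "10.0.0.5.80:" as "10.0.0.5:80" (tcpdump joins IP and port with a dot).
    function ipport(s) {
      sub(/:$/, "", s)
      if (match(s, /\.[0-9]+$/)) s = substr(s, 1, RSTART - 1) ":" substr(s, RSTART + 1)
      return s
    }
  '
}

# summarize_sample: run the parser over the constructed SAMPLE text.
summarize_sample() {
  printf '%s\n' "$SAMPLE" | summarize
}

# For live use, replace SAMPLE with a real pipeline, e.g.:
#   tcpdump -vttttnnel -i eth0 | summarize
summarize_sample
```

The same awk program works on output captured without -v, since a packet whose addresses are on the header line simply has no continuation line to join; in that case the address fields must be read from the header line instead of the body.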
 
Filters
- tcpdump filters

download
 
 www.tcpdump.org
 

(c) 2008 by packetlevel.ch / last update: 08.03.2008