TCPdump Usage

Some hints for using the tcpdump application:

Maximum verbosity (-vvv), a selected interface (-i eth0), and a selected host:

tcpdump -vvv -i eth0 host 192.168.96.34

Maximum verbosity, a selected interface, and a compound filter: traffic to or from the selected host that is not TCP:

tcpdump -vvv -i eth0 '(host 192.168.96.34 and not tcp)'

Write the captured packets to a file (-w) instead of printing them:

tcpdump -vvv -i eth0 host 192.168.96.34 -w mycap.pcap
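
To check offline which packets the 'host 192.168.96.34 and not tcp' condition keeps, this added example (not part of the original post) parses classic pcap bytes, the format -w writes, and applies an approximation of that filter. It assumes untagged Ethernet frames carrying IPv4 or ARP; the function names and the sample packets are constructed for illustration.

```python
import socket
import struct

HOST = "192.168.96.34"  # host used in the commands above

def pcap_frames(data):
    """Yield raw Ethernet frames from classic (microsecond) pcap bytes."""
    endian = {b"\xd4\xc3\xb2\xa1": "<", b"\xa1\xb2\xc3\xd4": ">"}.get(data[:4])
    if endian is None:
        raise ValueError("not a classic pcap file")
    if struct.unpack(endian + "I", data[20:24])[0] != 1:
        raise ValueError("only Ethernet link type (1) is handled")
    off = 24  # skip the 24-byte global header
    while off + 16 <= len(data):
        caplen = struct.unpack(endian + "I", data[off + 8:off + 12])[0]
        yield data[off + 16:off + 16 + caplen]
        off += 16 + caplen

def matches(frame, host=HOST):
    """Approximate 'host HOST and not tcp' for untagged IPv4 and ARP frames."""
    ip = socket.inet_aton(host)
    etype = struct.unpack("!H", frame[12:14])[0] if len(frame) >= 14 else 0
    if etype == 0x0800 and len(frame) >= 34:      # IPv4: proto @23, src @26, dst @30
        return frame[23] != 6 and ip in (frame[26:30], frame[30:34])
    if etype == 0x0806 and len(frame) >= 42:      # ARP: sender IP @28, target IP @38
        return ip in (frame[28:32], frame[38:42])
    return False

def _eth(etype, payload):
    return b"\x02" * 12 + struct.pack("!H", etype) + payload

def _ipv4(proto, src, dst):
    hdr = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 28, 0, 0, 64, proto, 0,
                      socket.inet_aton(src), socket.inet_aton(dst))
    return _eth(0x0800, hdr + b"\x00" * 8)

def sample_pcap():
    """Constructed capture: UDP, TCP and ARP involving HOST, ICMP between others."""
    arp = struct.pack("!HHBBH6s4s6s4s", 1, 0x0800, 6, 4, 1, b"\x02" * 6,
                      socket.inet_aton("192.168.96.1"), b"\x00" * 6, socket.inet_aton(HOST))
    frames = [_ipv4(17, HOST, "192.168.96.1"), _ipv4(6, HOST, "192.168.96.1"),
              _ipv4(1, "192.168.96.1", "192.168.96.2"), _eth(0x0806, arp)]
    out = struct.pack("<IHHiIII", 0xA1B2C3D4, 2, 4, 0, 0, 65535, 1)
    for f in frames:
        out += struct.pack("<IIII", 0, 0, len(f), len(f)) + f
    return out

def kept_indexes(data):
    return [i for i, f in enumerate(pcap_frames(data)) if matches(f)]
```

On the constructed capture the UDP and ARP frames involving the host are kept, while the host's TCP frame and the unrelated ICMP frame are dropped; ARP is kept because the host primitive also matches ARP addresses.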