tcpdump

Description

Tcpdump is a powerful utility to capture and monitor data on the network.

Tcpdump can take a boolean expression to filter the traffic according to your interests. For example, if you're only interested in HTTP traffic, you can have tcpdump show or capture only that.

Tcpdump is also able to print out a description of the contents of each captured packet. However, for closer analysis it's usually best to save the data and analyze it later.

Packages

source: tcpdump

binary: tcpdump

Usage Examples

Capture all data coming from host host.domain.net to your machine and write it to the file capture.cap:

# tcpdump -w capture.cap src host.domain.net

Display on screen a hex dump of all UDP packets going to host.domain.net:

# tcpdump -X udp and dst host.domain.net
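
To analyze a saved capture later, as the description suggests, the file can be read back offline. The following is an added example, not part of the original page or of tcpdump itself: a small Python reader for the classic pcap file format that applies the "udp and dst" filter from the example above to the bytes of a saved file. The function names, the constructed sample frames and the address 192.0.2.10 (standing in for host.domain.net, since a capture file holds addresses rather than names) are assumptions.

```python
import socket
import struct

def udp_to_host(pcap_bytes, dst_ip):
    """Offline equivalent of 'udp and dst <ip>' over a classic pcap file."""
    endian = {b"\xd4\xc3\xb2\xa1": "<", b"\xa1\xb2\xc3\xd4": ">"}.get(pcap_bytes[:4])
    if endian is None or len(pcap_bytes) < 24:
        raise ValueError("not a classic microsecond pcap file")
    if struct.unpack(endian + "I", pcap_bytes[20:24])[0] != 1:
        raise ValueError("only Ethernet (link type 1) is handled")
    hits, off = [], 24        # 24-byte global header precedes the records
    while off + 16 <= len(pcap_bytes):
        caplen = struct.unpack(endian + "I", pcap_bytes[off + 8:off + 12])[0]
        frame = pcap_bytes[off + 16:off + 16 + caplen]
        off += 16 + caplen
        if len(frame) < caplen:
            break             # file was cut off mid-record
        if len(frame) < 42 or frame[12:14] != b"\x08\x00":
            continue          # too short for Ethernet+IPv4+UDP, or not IPv4
        ip = frame[14:]
        ihl = (ip[0] & 0x0F) * 4
        frag = struct.unpack("!H", ip[6:8])[0] & 0x1FFF
        if ip[0] >> 4 != 4 or ihl < 20 or ip[9] != 17 or frag or len(ip) < ihl + 8:
            continue          # not UDP, or a later fragment without a UDP header
        src, dst = socket.inet_ntoa(ip[12:16]), socket.inet_ntoa(ip[16:20])
        if dst == dst_ip:
            sport, dport, ulen = struct.unpack("!HHH", ip[ihl:ihl + 6])
            hits.append((src, sport, dst, dport, ulen - 8))
    return hits

def _frame(src, dst, proto, sport, dport, payload):
    # Constructed test frame: zeroed MACs and checksums, 8-byte L4 header.
    l4 = struct.pack("!HHHH", sport, dport, 8 + len(payload), 0) + payload
    ip = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 20 + len(l4), 0, 0, 64, proto, 0,
                     socket.inet_aton(src), socket.inet_aton(dst))
    return b"\x00" * 12 + b"\x08\x00" + ip + l4

def sample_pcap():
    # Constructed capture; 192.0.2.10 stands in for host.domain.net.
    frames = [_frame("198.51.100.5", "192.0.2.10", 17, 40000, 53, b"query"),
              _frame("198.51.100.5", "192.0.2.10", 6, 40001, 80, b"GET /"),
              _frame("192.0.2.10", "198.51.100.5", 17, 53, 40000, b"answer")]
    out = struct.pack("<IHHiIII", 0xA1B2C3D4, 2, 4, 0, 0, 65535, 1)
    for f in frames:
        out += struct.pack("<IIII", 0, 0, len(f), len(f)) + f
    return out

if __name__ == "__main__":
    print(udp_to_host(sample_pcap(), "192.0.2.10"))
```

Each result is a tuple of source address, source port, destination address, destination port and UDP payload length. Files in pcapng format are rejected by the magic-number check rather than misread.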

Links

tcpdump man page

See Also

iputils, netcat