Tcpdump is a powerful utility to capture and monitor data on the network.

Tcpdump can take a boolean expression to filter the traffic according to your interests. For example, if you're only interested in HTTP traffic, you can easily let tcpdump show or capture only that.

Tcpdump is also able to print out a description of the contents of each captured packet. However, for closer analysis it's usually best to save the data and analyze it later.


source: tcpdump

binary: tcpdump

Usage Examples

Capture all data coming from a host (<host> is a placeholder) to your machine and write it to the file capture.cap:

# tcpdump -w capture.cap src <host>

Display on screen a hex dump of all UDP packets going to

# tcpdump -X udp and dst <host>
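
The following is an added example, not part of the original page or of the tcpdump project. It shows the "save the data and analyze it later" workflow in Python: it reads a file in the format written by tcpdump -w and selects the packets a "udp and dst" host filter would match. It assumes the classic little-endian pcap format with Ethernet link type and IPv4; the function names, the sample capture and the 192.0.2.x addresses are constructed for illustration.

```python
import socket
import struct

def udp_to_host(pcap_bytes, dst_ip):
    """Yield (src, sport, dport, payload) for unfragmented UDP/IPv4 packets sent to dst_ip."""
    magic, linktype = struct.unpack_from("<I16xI", pcap_bytes, 0)  # 24-byte file header
    if magic != 0xA1B2C3D4 or linktype != 1:  # classic pcap, LINKTYPE_ETHERNET
        raise ValueError("unsupported capture format")
    off = 24
    while off + 16 <= len(pcap_bytes):
        caplen = struct.unpack_from("<8xI", pcap_bytes, off)[0]  # skip the timestamp
        frame = pcap_bytes[off + 16 : off + 16 + caplen]
        off += 16 + caplen
        # Ethernet (14 bytes) + minimal IPv4 (20) + UDP (8); skip short or non-IPv4 frames
        if len(frame) < 42 or frame[12:14] != b"\x08\x00":
            continue
        ip = frame[14:]
        ihl = (ip[0] & 0x0F) * 4
        frag = struct.unpack_from("!H", ip, 6)[0] & 0x1FFF  # later fragments carry no ports
        if ip[0] >> 4 != 4 or ihl < 20 or ip[9] != 17 or frag or len(ip) < ihl + 8:
            continue
        if socket.inet_ntoa(ip[16:20]) != dst_ip:
            continue
        sport, dport, ulen = struct.unpack_from("!HHH", ip, ihl)
        yield socket.inet_ntoa(ip[12:16]), sport, dport, ip[ihl + 8 : ihl + ulen]

def _frame(src, dst, proto, sport, dport, payload):
    """Build a constructed Ethernet/IPv4 frame (checksums left at zero)."""
    l4 = struct.pack("!HHHH", sport, dport, 8 + len(payload), 0) + payload
    ip = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 20 + len(l4), 0, 0, 64, proto, 0,
                     socket.inet_aton(src), socket.inet_aton(dst))
    return b"\x02" * 12 + b"\x08\x00" + ip + l4

def sample_capture():
    """Constructed capture: two UDP packets and one packet with protocol number 6."""
    frames = [_frame("192.0.2.1", "192.0.2.10", 17, 40000, 53, b"query"),
              _frame("192.0.2.1", "192.0.2.20", 17, 40001, 53, b"other"),
              _frame("192.0.2.1", "192.0.2.10", 6, 40002, 80, b"tcp")]
    out = struct.pack("<IHHiIII", 0xA1B2C3D4, 2, 4, 0, 0, 65535, 1)
    for f in frames:
        out += struct.pack("<IIII", 0, 0, len(f), len(f)) + f
    return out

if __name__ == "__main__":
    for row in udp_to_host(sample_capture(), "192.0.2.10"):
        print(row)
```

To run it against a real capture, pass the bytes of the file written by tcpdump -w to udp_to_host() in place of sample_capture().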


tcpdump man page

See Also

iputils, netcat