Network Monitoring  «Prev 

Output of tcpdump command

View the image below to see a few typical lines from the tcpdump output:
  1. Time stamp
  2. Packet's source host and port
  3. Packet's destination host and port
  4. Information from the packet's IP, TCP, or UDP headers


Tcpdump is a network capture and protocol analysis tool from the website www.tcpdump. org. This program is based on the libpcap interface, which is a portable system-independent interface for user-level network datagram capture. Despite the name, tcpdump can also be used to capture non-TCP traffic, including UDP and ICMP. One of this tool's primary benefits is its wide availability, making it the de facto standard format for captured network traffic. The tcpdump program ships with many distributions of BSD, Linux, and Mac OS X, and there is a version that can be installed on Windows systems. Its long history also insures that there is a plethora of references available on the Internet and in text form for people that want to learn the tool.

$ tcpdump [options] [filter expression]