TCP Dump
Summary
TCP (Transport Control Protocol) - is a command line package utility for linux, providing a user interface to the libpcap library. The basic syntax of the command is tcpdump -i eth0
when is it used
used to monitor incoming packats until a interrupted signal is sent to the utility to step (i.e. ctrl+c) in the terminal. There are different switches that can be provided to include or filter out information.
- Type - filter by
host
,net
, orportrange
- Direction - filter by source
src
or destinationdst
- Protocol - filter by named protocol rather than port number (for example
arp
,icmp
,ip
,ip6
,tcp
,udp
, and so on)