
10 various commands for tcpdump


tcpdump is a data-network packet analyzer computer program that runs under a command line interface. It allows the user to display TCP/IP and other packets being transmitted or received over a network to which the computer is attached.

10 tcpdump commands

To list the interfaces of the host that tcpdump can capture on:

tcpdump -D

To capture packets from a particular interface:

tcpdump -i wlan0          # -i stands for interface; wlan0 is the interface to capture on

To show IP addresses instead of resolving them to domain names:

tcpdump -n -i wlan0

To capture a fixed number of packets:

tcpdump -c 10 -i wlan0   # -c stands for count; with the value 10, tcpdump stops after 10 packets

To get the full timestamp of each packet:

tcpdump -tttt -i wlan0   # prints the full timestamp, including the date

To filter packets by IP address (192.0.2.10 is an example address; replace it with your own):

tcpdump -i wlan0 dst 192.0.2.10   # shows packets whose destination is the specified IP
tcpdump -i wlan0 src 192.0.2.10   # shows packets whose source is the specified IP

To filter packets by port number:

tcpdump -i any port 80   # "any" refers to any interface of the host; packets to or from port 80 are shown

To combine two filters (192.0.2.10 and 80 are example values):

tcpdump -i any host 192.0.2.10 and port 80   # shows only packets that match both the specified IP address and the port number

To save captured packets to a file and read them back:

tcpdump -w abc.pcap -i any   # -w stands for write; abc.pcap is the output file, with pcap as its extension
tcpdump -r abc.pcap          # -r reads the saved file

To print the full packet contents in ASCII or hexadecimal:

tcpdump -A  # packet contents in ASCII
tcpdump -X  # packet contents in hexadecimal, with ASCII alongside
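
The commands above combine into one capture-then-review workflow. The script below is an added example, not part of the original post: it validates the address and port before building the "host ... and port ..." filter, captures a bounded number of packets to a file, and reads the file back offline. The function names, the example address 192.0.2.10 and the file name are assumptions.

```shell
#!/bin/sh
# Added example: bounded capture to a file, then filtered offline review.
# Function names and sample values are illustrative assumptions.

# Build a "host IP and port PORT" filter. Rejects anything that is not
# digits-and-dots (IPv4) or a port in 1..65535, so unchecked input never
# becomes part of the tcpdump filter expression.
build_filter() {
    ip=$1
    port=$2
    case $ip in
        ''|*[!0-9.]*) echo "bad ip: $ip" >&2; return 1 ;;
    esac
    case $port in
        ''|*[!0-9]*) echo "bad port: $port" >&2; return 1 ;;
    esac
    if [ "$port" -lt 1 ] || [ "$port" -gt 65535 ]; then
        echo "bad port: $port" >&2
        return 1
    fi
    printf 'host %s and port %s' "$ip" "$port"
}

# Capture COUNT matching packets on IFACE into FILE.
# Needs root or packet-capture privileges.
capture() {
    # -n: no name resolution, -c: stop after COUNT packets, -w: write raw packets
    tcpdump -n -i "$1" -c "$2" -w "$3" "$4"
}

# Review a saved capture offline; no privileges or live interface needed.
review() {
    # -r: read file, -tttt: full timestamps, -X: hex and ASCII payload
    tcpdump -n -tttt -X -r "$1" "$2"
}

# Typical use (example values):
#   f=$(build_filter 192.0.2.10 80) &&
#       capture wlan0 100 abc.pcap "$f" &&
#       review abc.pcap "$f"
```

Writing with -w and reviewing with -r keeps the live capture short and lets you re-run different filters against the same file.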



