tcpdump

Written by

Yujin Boby

in

tcpdump is a useful command to track traffic on your network.

To see all traffic between your PC and a remote server, run

tcpdump -i any host google.com

Here all traffic to google.com will be displayed.

To save the logs to a file, use

tcpdump -i any host google.com -w /tmp/test.pcap

Monitor taffic to all ports other than a specific port.

tcpdump -c 100 port not 3333
tcpdump -w /tmp/test.pcap -c 100 port not ssh

To view all communications on a specific port, for example port 993. use

tcpdump  -i eth0 port 993

Comments

Leave a Reply

Your email address will not be published. Required fields are marked *

More posts