Tool of the Day: tcpdump
tcpdump is a common packet analyzer that runs under the command line. It
allows the user to
intercept and display TCP/IP and other packets being transmitted or
received over a network to
which the computer is attached. Distributed under the BSD license, tcpdump
is free software.
Tcpdump works on most Unix-like operating systems: Linux, Solaris, BSD,
Mac OS X,HP-
UX and AIX among others. In those systems, tcpdump uses the libpcap library
to capture packets.
The port of tcpdump for Windows is called WinDump; it uses WinPcap, the
Windows port of
libpcap.
? Tcpdump analyzes network behavior, performance and applications that
generate or
receive network traffic
? It can also be used for analyzing the network infrastructure itself by
determining whether
all necessary routing is occurring properly, allowing the user to further
isolate the source
of a problem.
? It is also possible to use tcpdump for the specific purpose of
intercepting and displaying
the communications of another user or computer
? A user with the necessary privileges on a system acting as a router or
gateway through
which unencrypted traffic such asTelnet or HTTP passes can use tcpdump to
view login
IDs, passwords, the URLs and content of websites being viewed, or any
other unencrypted
information.
? The user may optionally apply a Berkeley Packet filter-based filter to
limit the number of
packets seen by tcpdump; this renders the output more usable on networks
with a high
volume of traffic.
version: 4.3.0
home page: www.tcpdump.org
regards,
dhanasekar
