Tcpdump

tcpdump is a popular computer network debugging and security tool that allows the user to intercept and display TCP/IP packets being transmitted or received over a network to which the computer is attached. On UNIX and most other operating systems, a user must have the equivalent of root or system administrator privileges to use tcpdump.

The user may optionally apply any number of filters to render the output more usable on networks with a high volume of traffic.

Common Uses of tcpdump

  • to debug applications one is writing that use the network for communications
  • to debug the network setup itself, by determining whether all necessary routing is occurring properly, allowing the user to further isolate the source of a problem
  • to intercept and display the communications of another user or computer. Some protocols, such as telnet and http, transmit information unencrypted over the network. A user with control of a router or gateway through which other computers' unencrypted traffic passes can use tcpdump to view login IDs, passwords, the URLs and content of websites being viewed, or any other information.

tcpdump is a command-line, text-mode-only program. Ethereal is a similar program with a GUI frontend and many additional formatting, sorting, and display facilities.
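
The third use above is also the reason to audit your own network for protocols such as telnet and http. As an added example (not part of the original article), the Python code below reads a classic pcap capture file of the kind tcpdump writes with `-w` and lists TCP packets addressed to cleartext services. The function names, the port table and the sample packets (built inline with documentation-range addresses) are assumptions of this example.

```python
import socket
import struct

# Ports treated as cleartext; telnet and http are the two the article names.
CLEARTEXT_PORTS = {23: "telnet", 80: "http"}

def build_sample_pcap():
    """Constructed sample capture: three TCP segments in a classic pcap file."""
    def frame(src, dst, sport, dport):
        eth = bytes.fromhex("020000000002" "020000000001" "0800")
        tcp = struct.pack("!HHIIBBHHH", sport, dport, 0, 0, 5 << 4, 0x02, 1024, 0, 0)
        ip = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 20 + len(tcp), 0, 0, 64, 6, 0,
                         socket.inet_aton(src), socket.inet_aton(dst))
        return eth + ip + tcp
    frames = [frame("192.0.2.10", "198.51.100.5", 40000, 23),
              frame("192.0.2.11", "198.51.100.6", 40001, 443),
              frame("192.0.2.10", "198.51.100.7", 40002, 80)]
    out = struct.pack("<IHHiIII", 0xA1B2C3D4, 2, 4, 0, 0, 65535, 1)  # linktype 1
    for i, f in enumerate(frames):
        out += struct.pack("<IIII", 1700000000 + i, 0, len(f), len(f)) + f
    return out

def cleartext_flows(pcap_bytes):
    """Return (src, dst, dport, protocol) for TCP packets sent to a cleartext port."""
    endian = {b"\xd4\xc3\xb2\xa1": "<", b"\xa1\xb2\xc3\xd4": ">"}.get(pcap_bytes[:4])
    if endian is None:
        raise ValueError("not a classic (microsecond) pcap file")
    if struct.unpack(endian + "I", pcap_bytes[20:24])[0] != 1:
        raise ValueError("only Ethernet (linktype 1) captures are handled")
    hits, off = [], 24
    while off + 16 <= len(pcap_bytes):
        incl_len = struct.unpack(endian + "I", pcap_bytes[off + 8:off + 12])[0]
        pkt = pcap_bytes[off + 16:off + 16 + incl_len]
        off += 16 + incl_len
        if len(pkt) < 34 or pkt[12:14] != b"\x08\x00" or pkt[23] != 6:
            continue  # keep only IPv4 packets carrying TCP
        tcp_off = 14 + (pkt[14] & 0x0F) * 4  # skip Ethernet header and IP options
        if len(pkt) < tcp_off + 4:
            continue  # capture truncated before the TCP ports
        dport = struct.unpack("!H", pkt[tcp_off + 2:tcp_off + 4])[0]
        if dport in CLEARTEXT_PORTS:
            hits.append((socket.inet_ntoa(pkt[26:30]), socket.inet_ntoa(pkt[30:34]),
                         dport, CLEARTEXT_PORTS[dport]))
    return hits

if __name__ == "__main__":
    for src, dst, dport, proto in cleartext_flows(build_sample_pcap()):
        print(f"{src} -> {dst}:{dport} uses {proto} (unencrypted)")
```

Hosts that appear in the result are candidates for moving to an encrypted equivalent; the code matches on destination port only and does not handle VLAN-tagged frames or IPv6.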



All Wikipedia text is available under the terms of the GNU Free Documentation License

 