~/Capture Network Traffic with tcpdump

Sep 15, 2021


The tcpdump tool is a simple way to capture network packets on Unix-like systems. It provides a command line interface to monitor and analyze network traffic for troubleshooting or security purposes.

Install tcpdump using your package manager. For Ubuntu, run:

sudo apt update
sudo apt install tcpdump

To capture all network traffic on interface eth0 and write it to a file:

sudo tcpdump -i eth0 -w output.pcap

Listen only for traffic on a specific port, such as HTTP on port 80:

sudo tcpdump -i eth0 port 80

Display only IPv4 traffic (the ip filter does not match IPv6; use ip6 for that):

sudo tcpdump -i eth0 ip

Read and analyze captured data from a file:

tcpdump -r output.pcap
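
To show what a file written with -w contains and what a port filter matches when you read it back, here is an added example (not from the original post) that parses the capture format in Python. It assumes the classic pcap format with an Ethernet link type; the sample capture, its addresses and the helper names are constructed for illustration.

```python
import struct

def parse_pcap(data):
    """Yield (ts, src, sport, dst, dport, proto) for IPv4 TCP/UDP packets in a classic pcap."""
    endian = {b"\xd4\xc3\xb2\xa1": "<", b"\xa1\xb2\xc3\xd4": ">"}.get(data[:4])
    if endian is None:
        raise ValueError("not a classic (microsecond) pcap file")
    if struct.unpack(endian + "I", data[20:24])[0] != 1:
        raise ValueError("only Ethernet captures (link type 1) are handled")
    off = 24  # per-packet records follow the 24-byte global header
    while off + 16 <= len(data):
        ts, _usec, incl_len, _orig_len = struct.unpack(endian + "IIII", data[off:off + 16])
        frame = data[off + 16:off + 16 + incl_len]
        off += 16 + incl_len
        if len(frame) < 34 or frame[12:14] != b"\x08\x00":
            continue  # truncated frame or not IPv4 (ARP, IPv6, ...)
        ihl = (frame[14] & 0x0F) * 4
        frag_offset = struct.unpack("!H", frame[20:22])[0] & 0x1FFF
        if frame[23] not in (6, 17) or frag_offset or len(frame) < 14 + ihl + 4:
            continue  # not TCP/UDP, or a later fragment without an L4 header
        sport, dport = struct.unpack("!HH", frame[14 + ihl:14 + ihl + 4])
        src, dst = (".".join(map(str, frame[i:i + 4])) for i in (26, 30))
        yield ts, src, sport, dst, dport, "tcp" if frame[23] == 6 else "udp"

def on_port(records, port):
    """Offline equivalent of the `port N` filter: match source or destination port."""
    return [r for r in records if port in (r[2], r[4])]

# --- constructed sample capture (documentation addresses, no payloads) ---
def _frame(src, dst, sport, dport, proto):
    ip = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 28, 0, 0, 64, proto, 0, bytes(src), bytes(dst))
    return b"\x00" * 12 + b"\x08\x00" + ip + struct.pack("!HHI", sport, dport, 0)

def _pcap(frames):
    out = struct.pack("<IHHiIII", 0xA1B2C3D4, 2, 4, 0, 0, 262144, 1)
    for i, f in enumerate(frames):
        out += struct.pack("<IIII", 1631700000 + i, 0, len(f), len(f)) + f
    return out

CLIENT, WEB, DNS = (192, 0, 2, 10), (198, 51, 100, 7), (198, 51, 100, 53)
SAMPLE = _pcap([
    _frame(CLIENT, WEB, 51000, 80, 6),
    b"\xff" * 12 + b"\x08\x06" + b"\x00" * 28,  # ARP frame, skipped by the parser
    _frame(CLIENT, DNS, 53000, 53, 17),
    _frame(WEB, CLIENT, 80, 51000, 6),
])

if __name__ == "__main__":
    for rec in on_port(parse_pcap(SAMPLE), 80):
        print(rec)
```

The file stores every captured frame in full up to the snapshot length, so an output.pcap can hold credentials and other payload data and should be stored with the same care as the traffic itself.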

For more filter examples and usage details, see the official documentation.

You need root privileges to capture live traffic with tcpdump on most systems; reading a saved file with -r does not require them.

Always respect privacy and legal guidelines when capturing network data.

Tags: [tcpdump] [networking] [cli]