Wireshark (Network Protocol Analyzer): # tcpdump -i eth0
which is used to capture or filter TCP/IP packets that are received or transferred over a network on a
specific interface. It is available on most Linux/Unix-based operating systems. tcpdump
also gives us an option to save captured packets in a file for future analysis. It saves the file in pcap
format, which can be viewed with the tcpdump command or with an open-source GUI tool called Wireshark
(Network Protocol Analyzer) that reads tcpdump pcap format files.
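As an added example (not part of the original page), here is a minimal Python reader for the classic pcap layout that tcpdump writes, showing what the saved file actually contains. The function names `read_pcap` and `build_sample` and the sample capture bytes are constructed for illustration.

```python
import struct

PCAP_MAGIC = 0xA1B2C3D4  # classic pcap, microsecond timestamps


def read_pcap(data: bytes):
    """Parse classic pcap bytes; return (file info, list of packet records)."""
    if len(data) < 24:
        raise ValueError("truncated global header")
    # The magic number also tells us the byte order the writer used.
    for endian in ("<", ">"):
        if struct.unpack(endian + "I", data[:4])[0] == PCAP_MAGIC:
            break
    else:
        raise ValueError("not a classic pcap file")
    major, minor, _tz, _sigfigs, snaplen, linktype = struct.unpack(
        endian + "HHiIII", data[4:24])
    info = {"version": (major, minor), "snaplen": snaplen, "linktype": linktype}
    packets, off = [], 24
    while off < len(data):
        if off + 16 > len(data):
            raise ValueError("truncated record header")
        ts_sec, ts_usec, incl_len, orig_len = struct.unpack(
            endian + "IIII", data[off:off + 16])
        off += 16
        # incl_len comes from the file itself: bound it before slicing.
        if incl_len > snaplen or off + incl_len > len(data):
            raise ValueError("bad captured length")
        packets.append({"ts": ts_sec + ts_usec / 1e6, "orig_len": orig_len,
                        "data": data[off:off + incl_len]})
        off += incl_len
    return info, packets


def build_sample() -> bytes:
    """Constructed sample: one 60-byte ARP frame, only 14 bytes captured."""
    frame = bytes.fromhex("ffffffffffff" "020000000001" "0806")
    header = struct.pack("<IHHiIII", PCAP_MAGIC, 2, 4, 0, 0, 65535, 1)
    record = struct.pack("<IIII", 1700000000, 250000, len(frame), 60)
    return header + record + frame


if __name__ == "__main__":
    info, packets = read_pcap(build_sample())
    print(info)  # linktype 1 means Ethernet
    for p in packets:
        print(p["ts"], len(p["data"]), "of", p["orig_len"], "bytes captured")
```

The gap between the captured length and the original length is what a snapshot-length limit produces, which matters when a saved capture is later used as evidence of payload contents.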
How to Install tcpdump in Linux
Many Linux distributions already ship with the tcpdump tool. In case you don't have it on your
system, you can install it using the following Yum command.
The command output will scroll until you interrupt it. When we execute the tcpdump command it
captures from all the interfaces; with the -i switch, however, it captures only from the desired interface.
# tcpdump -i eth0