is the name of a popular computer network debugging
and security tool which allows the user to intercept and display TCP/IP
packets being transmitted or received over a network
to which the computer is attached. On UNIX
and most other operating systems
, a user must have the equivalent of root
or system administrator privileges to use tcpdump.
The user may optionally apply any number of filters to render the output more usable on networks with a high volume of traffic.
Common Uses of tcpdump
tcpdump is a command line, text mode only program. Ethereal is a similar program with a GUI frontend, and many additional formatting, sorting, and display facilities.
- to debug applications one is writing which utilize the network for communications
- to debug the network setup itself, by determining whether all necessary routing is or is not occurring properly, allowing the user to further isolate the source of a problem
- to intercept and display the communications of another user or computer. Some protocols, such as telnet and http, transmit information unencrypted over the network. A user with control of a router or gateway through which other computers' unencrypted traffic passes can use tcpdump to view login IDs, passwords, the URLs and content of websites being viewed, or any other information.