Tcpdump cheat sheet

Tcpdump cheat sheet 

It is a common packet analyzer that runs under the command line. It allows the user to display TCP/IP and other packets being transmitted or received over a network to which the computer is attached. Distributed under the BSD license, it is free software. It works on most Unix-like operating systems: Linux, Solaris, BSD, macOS, HP-UX, Android and AIX among others. In those systems, tcpdump uses the libpcap library to capture packets. The port of application for Windows is called WinDump; it uses WinPcap, the Windows port of libpcap.

It was originally written in 1987 by Van Jacobson, Craig Leres and Steven McCanne who were, at the time, working in the Lawrence Berkeley Laboratory Network Research Group. By the late 1990s there were numerous versions of tcpdump distributed as part of various operating systems, and numerous patches that were not well coordinated. Michael Richardson (mcr) and Bill Fenner created www.tcpdump.org in 1999.

Tool prints the contents of network packets. It can read packets from a network interface card or from a previously created saved packet file. It can write packets to standard output or a file. It is also possible to use tcpdump for the specific purpose of intercepting and displaying the communications of another user or computer. A user with the necessary privileges on a system acting as a router or gateway through which unencrypted traffic such as Telnet or HTTP passes can use this tool to view login IDs, passwords, the URLs and content of websites being viewed, or any other unencrypted information.

Download file here

source: http://packetlife.net