Capturing the network traffic

Posted: September 4, 2012 in Uncategorized

tcpdump -i eth0 -w capture_file_name

tcpdump is a great command line utility for capturing and analyzing the network traffic on a particular interface. For example, the command above captures all the traffic on the eth0 interface and writes it to a file named “capture_file_name”. For more options, read the manpage.

Wireshark is another great utility that serves the same purpose and has a very rich GUI.
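As an added example (not from the original post), here is a small Python reader for the file that `tcpdump -w` produces, which is the pcap format: it parses the 24-byte global header and the 16-byte header in front of each record, decodes the Ethernet/IPv4 source and destination addresses, and totals captured bytes per source address, the first-pass triage a defender does on a capture. The sample capture is constructed inside the block from documentation address ranges, not a real trace, and the helper names are my own.

```python
import socket
import struct
from collections import Counter

PCAP_MAGIC = 0xA1B2C3D4  # microsecond-resolution pcap magic, as written by tcpdump -w
LINKTYPE_ETHERNET = 1

def parse_pcap(data):
    """Yield (ts_sec, ts_usec, frame) per record; refuse a file cut short mid-packet."""
    magic, = struct.unpack_from("<I", data, 0)
    order = {PCAP_MAGIC: "<", 0xD4C3B2A1: ">"}.get(magic)  # writer's host byte order
    if order is None:
        raise ValueError("not a pcap file (bad magic)")
    snaplen, linktype = struct.unpack_from(order + "II", data, 16)
    if linktype != LINKTYPE_ETHERNET:
        raise ValueError("only Ethernet (linktype 1) is handled here")
    off = 24  # the global header is 24 bytes
    while off + 16 <= len(data):
        ts_sec, ts_usec, incl_len, _orig_len = struct.unpack_from(order + "IIII", data, off)
        off += 16
        if incl_len > snaplen or off + incl_len > len(data):
            raise ValueError("truncated record at offset %d" % (off - 16))
        yield ts_sec, ts_usec, data[off:off + incl_len]
        off += incl_len
def ipv4_endpoints(frame):
    """Return (src, dst, proto) for an Ethernet/IPv4 frame, or None for anything else."""
    if len(frame) < 34 or frame[12:14] != b"\x08\x00" or frame[14] >> 4 != 4:
        return None
    return socket.inet_ntoa(frame[26:30]), socket.inet_ntoa(frame[30:34]), frame[23]
def bytes_by_source(data):
    """Captured bytes per IPv4 source address: the first cut when triaging a flood."""
    totals = Counter()
    for _sec, _usec, frame in parse_pcap(data):
        ep = ipv4_endpoints(frame)
        if ep:
            totals[ep[0]] += len(frame)
    return totals
def build_frame(src, dst, proto, payload):  # constructed Ethernet/IPv4 frame, IP checksum left 0
    ip = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 20 + len(payload), 1, 0, 64, proto, 0,
                     socket.inet_aton(src), socket.inet_aton(dst))
    return bytes.fromhex("001122334455 66778899aabb 0800") + ip + payload
def build_pcap(frames):  # constructed pcap body: global header + 16-byte record header per frame
    hdr = struct.pack("<IHHiIII", PCAP_MAGIC, 2, 4, 0, 0, 65535, LINKTYPE_ETHERNET)
    return hdr + b"".join(struct.pack("<IIII", 1346716800 + i, 0, len(f), len(f)) + f
                          for i, f in enumerate(frames))

# Constructed sample (not a real trace): two frames from 203.0.113.7, one from 198.51.100.2
SAMPLE_PCAP = build_pcap([build_frame("203.0.113.7", "192.0.2.10", 6, b"A" * 100),
                          build_frame("198.51.100.2", "192.0.2.10", 17, b"B" * 40),
                          build_frame("203.0.113.7", "192.0.2.10", 6, b"C" * 60)])
```

Pointing `bytes_by_source` at the bytes of a real capture file written with `tcpdump -w` works the same way, as long as the capture was taken on an Ethernet interface.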

Comments
  1. jetcracker says:

    Yeah! Very useful command.
    We used it once when our server was DDoS-ed. More than 100 Gb of incoming traffic from the USA in two days! This tool helped us to identify the source of the attack. 🙂
