How to use Tcpdump on Debian, Ubuntu and CentOS


tcpdump is a valuable tool for any IT professional or network enthusiast. It is used to capture and analyze network traffic passing through a system. This post is a basic tutorial on how to install and use the tcpdump command.

What is tcpdump for?

tcpdump allows you to capture network packets in real time and display them in detail. It’s useful for diagnosing network problems, inspecting suspicious traffic, or simply learning more about how networks work.

How to install tcpdump on Debian and Ubuntu:

Open the terminal and update the list of packages:

sudo apt-get update

Next, install tcpdump with

sudo apt-get install tcpdump

How to install tcpdump on CentOS

In CentOS, the process is similar. First, update your packages with

sudo yum update

and then install tcpdump with

sudo yum install tcpdump

How to use the tcpdump command

To start capturing packets, simply type tcpdump into the terminal (capturing normally requires root privileges, so run it with sudo if needed). To capture on a specific network interface, use the option -i followed by the interface name, for example:

tcpdump -i eth0

You can also save the output to a file for later analysis with the option -w, as in

tcpdump -w arquivo_de_saida.pcap
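
The two options above can be combined in a single command. The following is an added example, not part of the original post: the function names and the TCPDUMP variable are hypothetical, and -c (stop after a number of packets), -r (read a saved file) and -nn (no name or port lookups) are standard tcpdump options the post does not cover.

```shell
#!/bin/sh
# Added example (not from the original post): bounded capture on one
# interface into a file, plus read-back of the saved capture.
# capture, read_capture and TCPDUMP are illustrative names.

# Binary to run; override to point at a specific tcpdump build.
TCPDUMP=${TCPDUMP:-tcpdump}

# capture IFACE OUTFILE [COUNT]
# Combines -i and -w and stops after COUNT packets (default 100) so an
# unattended capture cannot fill the disk. Run as root.
capture() {
    iface="$1"; outfile="$2"; count="${3:-100}"

    # Interface names contain no spaces, slashes or shell metacharacters.
    case "$iface" in
        ''|*[!A-Za-z0-9._:-]*)
            echo "bad interface name: $iface" >&2; return 1 ;;
    esac
    # The packet count must be a plain number.
    case "$count" in
        *[!0-9]*)
            echo "count must be a number: $count" >&2; return 1 ;;
    esac
    # -w overwrites silently, so protect an earlier capture.
    if [ -e "$outfile" ]; then
        echo "refusing to overwrite $outfile" >&2; return 1
    fi

    "$TCPDUMP" -i "$iface" -c "$count" -w "$outfile"
}

# read_capture FILE
# The file written by -w is binary pcap, not text; -r decodes it again.
# -nn skips DNS and port-name lookups. No root needed for this step.
read_capture() {
    if [ ! -r "$1" ]; then
        echo "cannot read $1" >&2; return 1
    fi
    "$TCPDUMP" -nn -r "$1"
}

# Typical use from a root shell, after sourcing this file:
#   capture eth0 arquivo_de_saida.pcap 200
#   read_capture arquivo_de_saida.pcap
```

Because the capture file holds full packet contents, store it where only the analyst can read it.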

Remember that tcpdump is a powerful tool and should be used responsibly, respecting all laws and regulations applicable to the interception of network traffic. Good luck and happy network analysis!
