
Video: Analyze network traffic with tcpdump

Tcpdump may not have a slick frontend like other packet analyzers such as Wireshark and Ettercap, but this command line tool makes up for its lack of fancy graphics with power and flexibility. In this IT Dojo video, Bill Detwiler shows you why tcpdump is a great tool for network debugging and security monitoring.

Tcpdump is an old mainstay for network admins and security pros who swear by its usefulness.

Unlike other traffic analysis tools such as Ettercap and Wireshark, both of which provide packet sniffing functionality with a convenient captive interface, tcpdump takes a command at the shell, with options specified at that time, and then dumps the results to standard output. This may seem primitive to some users, but it provides power and flexibility that isn't available with the common captive interface alternatives.

In this IT Dojo video, I'll show you why tcpdump is a great tool for network debugging and security monitoring.

After watching the video, you can learn more about tcpdump by reading Chad Perrin's article, "Use tcpdump for traffic analysis"—the basis for this video.

About

Bill Detwiler is Managing Editor of TechRepublic and Tech Pro Research and the host of Cracking Open, CNET and TechRepublic's popular online show. Prior to joining TechRepublic in 2000, Bill was an IT manager, database administrator, and desktop supp...
