Tcpdump

Tcpdump

Infobox Software
name = tcpdump


caption = tcpdump console output
developer = The Tcpdump team
latest_release_version = 3.9.7
latest_release_date = July 24, 2007
operating_system = Linux, Solaris, FreeBSD, NetBSD, OpenBSD, Mac OS X, additional *NIX systems, Windows
genre = Packet sniffer
license = BSD license
website = [http://www.tcpdump.org/ www.tcpdump.org]

tcpdump is a common packet sniffer that runs under the command line. It allows the user to intercept and display TCP/IP and other packets being transmitted or received over a network to which the computer is attached. It was originally written by Van Jacobson, Craig Leres and Steven McCanne who were, at the time, working in the Lawrence Berkeley Laboratory Network Research Group.

Distributed under a permissive free software licence, [cite web
url=http://cvsweb.tcpdump.org/cgi-bin/cvsweb/tcpdump/LICENSE?rev=1.1
title=LICENSE file from source code
] tcpdump is free software.

Tcpdump works on most Unix-like operating systems: Linux, Solaris, BSD, Mac OS X, HP-UX and AIX among others. In those systems, tcpdump uses the libpcap library to capture packets.

There is also a port of tcpdump for Windows called WinDump; this uses WinPcap, which is a port of libpcap to Windows.

In some Unix-like operating systems, a user must have superuser privileges to use tcpdump because the packet capturing mechanisms on those systems require elevated privileges. However, the -Z option may be used to drop privileges to a specific unprivileged user after capturing has been set up. In other Unix-like operating systems, the packet capturing mechanism can be configured to allow non-privileged users to use it; if that is done, superuser privileges are not required.

The user may optionally apply a BPF-based filter to limit the number of packets seen by tcpdump; this renders the output more usable on networks with a high volume of traffic.

Common uses of tcpdump

Tcpdump is frequently used to debug applications that generate or receive network traffic. It can also be used for debugging the network setup itself, by determining whether all necessary routing is occurring properly, allowing the user to further isolate the source of a problem.

It is also possible to use tcpdump for the specific purpose of intercepting and displaying the communications of another user or computer. A user with the necessary privileges on a system acting as a router or gateway through which unencrypted traffic such as TELNET or HTTP passes can use tcpdump to view login IDs, passwords, the URLs and content of websites being viewed, or any other unencrypted information.

See also

*Wireshark, another network protocol analyzer (formerly known as Ethereal) featuring a GUI interface
*OmniPeek, an analyzer that supports streaming of packets from a remote machine running tcpdump
*Snoop, a similar utility included with Solaris
*Tcptrace, a tool for analyzing the logs produced by tcpdump
*Pcap, the library used to implement tcpdump.

References

External links

* [http://www.tcpdump.org/ Official site for tcpdump (and libpcap)]
* [http://www.winpcap.org/windump/ Official site for WinDump]
* [http://ngrep.sourceforge.net/ ngrep, a tcpdump-like tool]
* [http://www.tcpdump.org/papers/bpf-usenix93.pdf Berkeley Packet Filter]
* [http://microolap.com/products/network/tcpdump/ Portable version of tcpdump for Windows]


Wikimedia Foundation. 2010.

Игры ⚽ Нужно решить контрольную?

Look at other dictionaries:

  • Tcpdump — Saltar a navegación, búsqueda tcpdump es un herramienta en línea de comandos cuya utilidad principal es analizar el tráfico que circula por la red. Permite al usuario capturar y mostrar a tiempo real los paquetes transmitidos y recibidos en la… …   Wikipedia Español

  • tcpdump — es un herramienta en línea de comandos cuya utilidad principal es analizar el tráfico que circula por la red. Permite al usuario capturar y mostrar a tiempo real los paquetes transmitidos y recibidos en la red a la cual el ordenador está… …   Wikipedia Español

  • Tcpdump — Вывод tcpdump на консоль Тип Сниффер Разработчик The Tcpdump team ОС …   Википедия

  • Tcpdump — Entwickler Das Tcpdump Team Aktuelle Version 4.1.1 (5. April 2010) Aktuelle Vorabversion 4.2.0 (24. Juli 2011) Betriebssystem Unix Derivate Kategorie …   Deutsch Wikipedia

  • Tcpdump — Résultat de tcpdump en console …   Wikipédia en Français

  • tcpdump — Résultat de tcpdump en console …   Wikipédia en Français

  • TCPDump — es una herramienta de diagnóstico para redes TCP/IP basada en salida textual, que monitoriza los paquetes que entran y salen de una interfaz de red, y los presenta en formato legible, comúnmente denominado sniffer. No es intrínsecamente peligroso …   Wikipedia Español

  • tcpdump — В этой статье не хватает ссылок на источники информации. Информация должна быть проверяема, иначе она может быть поставлена под сомнение и удалена. Вы можете отредактировать эту стат …   Википедия

  • Windump — Tcpdump Entwickler: Das Tcpdump Team Aktuelle Version: 4.0.0 (27. Oktober 2008) Betriebssystem: Unix Derivate Kategorie …   Deutsch Wikipedia

  • pcap — libpcap Developer(s) The Tcpdump team Stable release 1.1.1 / April 7, 2010; 19 months ago (2010 04 07) Operating system Linux, Solaris, FreeBSD, NetB …   Wikipedia

Share the article and excerpts

Direct link
Do a right-click on the link above
and select “Copy Link”