How to Use tcpdump

tcpdmp cheat sheet

Tcpdump is mainly used for troubleshooting network problems. For example, if we can have a DNS query issue, we can use this command to capture all the DNS packets to check out what happened.

How to Run tcpdump?

We can run tcpdump in local server or remote server with an SSH session. It accepts many filters and allows us to display data about packets going in and out of an interface. We can also filter syntax which is very powerful.

When we run the tcpdump command without any options then it will capture packets of all the interfaces. We can stop or cancel the tcpdump command by typing “ctrl+c” .

Read the full article from here. Tcpdump cheat sheet