Comments on: TCPDump: Capture and Record Specific Protocols / Port

By: Ben

Ben — Fri, 11 Nov 2011 00:02:44 +0000

Am doing a project to analyze network traffic of bit torrent clients . So I when I initiate a download from my comp (using my wireless internet connection) , I need to start collection the tcpdump and I need to store it in another file .
i tried using sudo tcpdump –i wlan0 –w xyz.dmp , but doesnt work ..what do I do ?

By: Kiambang

Kiambang — Mon, 24 Oct 2011 11:38:22 +0000

….or using justniffer. http://justniffer.sourceforge.net/

Kyam

By: Fer

Fer — Mon, 09 Mar 2009 01:27:07 +0000

Hi!
Nice explanation … I wonder, could I use it to capture squid proxy traffic? and use it to resolve user/pass data?
Dont get me wrong… I have a traitor on my organization so I’m trying to figure out who is it.
Sorry if this question is out ettical for you
FER

By: Vivek Gite

Vivek Gite — Thu, 19 Feb 2009 06:45:26 +0000

you must run it as root user.

By: lady

lady — Thu, 19 Feb 2009 03:39:17 +0000

hye dylan,
can u tell me how to save the capture file from tcpdump?
i tried this command:tcpdump -w new.pcap -i eth1
but the result is this:tcpdump: socket: Operation not permitted
what i did wrong?
should i create the folder first?

By: Dylan

Dylan — Thu, 02 Oct 2008 02:18:18 +0000

Remember to load the saved capture file into Wireshark for a great help on analysis.
Nice article thanks.

By: Gagan Brahmi

Gagan Brahmi — Mon, 01 Sep 2008 11:08:45 +0000

hey Vivek,

Nice read. One question that I need the answer for. What are the possible details that we can get from the tcpdump output?

I can see that it contains a whole lot of information, but not sure what is the important part of it.