PC Quest: Monitoring Tools [for Linux - tcpdump]
Aug 19, 2000, 14:04 (0 Talkback[s])
(Other stories by Sachin Makhija, Shekhar Govindarajan)
Re-Imagining Linux Platforms to Meet the Needs of Cloud Service Providers
"tcpdump is a packet sniffer—a tool that can capture
and see the contents of all packets flowing across the network. You
can find tcpdump in the RedHat CD as an RPM."
"By default, the interface listened to is eth0—the first
interface found after the loopback interface lo. The number of
bytes captured by default—which is 68—suffices for most
purposes. -e and -q are useful for peeking into the link header and
to get less—but easy to read—information on each
"You may not be looking for all the packets that flow through
your network. So, you can capture packets flowing through selective
hosts. For this use tcpdump's filtering expressions, in which you
can use "and", "or" and "not" to build up the filter you want."