LinuxWorld Australia: Linux Primer for Networkers: Using the Sniffer

“A few years back, I used an old 486 running Red Hat Linux and
tcpdump to easily diagnose a client’s denial-of-service attack,
illustrating the benefits of creating a powerful network analysis
tool from ‘scrap’ parts. There are plenty of tools to build a
similar Windows-based network analyzer, but Linux can run on
machines that can’t efficiently run Windows.

“I will now show you how to test the system and install libcap,
a package that grabs network packet data; tcpdump, a basic but
crucial sniffer package that displays that data sequentially; and
iptraf, which presents trends and summaries of the data…”