from Wikipedia, the free encyclopedia

Basic data

Developer: The tcpdump team
Current version: 4.9.2 (September 3, 2017)
Operating system: Unix derivatives
Programming language: C
Category: Network traffic analysis program
License: BSD license
German-language version: No

tcpdump is free software for monitoring and evaluating network traffic. It was written by Van Jacobson, Craig Leres and Steven McCanne, but is now developed by many others. Tcpdump works in text mode and is controlled via the command line.

Tcpdump is available for most Unix systems and Unix derivatives, such as AIX, BSD, Linux and Solaris, and is included in the base system by many vendors. The WinDump port is available for Windows. Because it accesses the hardware directly, the user needs the privileges of the root user to run the software under Unix and many other systems (exception: under BSD derivatives, Mac OS X, SunOS and Solaris it is sufficient for the user to have the appropriate rights to the network device file).

The program reads data in the form of packets that are sent over the network and displays them on the screen or stores them in files. By switching a network adapter to promiscuous mode, it is also possible to receive and evaluate packets that are not addressed to this network adapter.

In addition, tcpdump can analyze packets previously saved in files. The user controls tcpdump's behavior by means of parameters specified on the command line when the program is started, and passes the program filters that determine which packets are evaluated.
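As an added example (not part of the article, and not tcpdump's own code), the following Python script reads the classic libpcap capture file format that `tcpdump -w` writes and `tcpdump -r` reads back, decodes the Ethernet, IPv4 and TCP/UDP headers of each record, and applies the equivalent of tcpdump's `port 80` filter primitive. The three frames it parses are constructed inside the script (addresses from the 192.0.2.0/24 documentation range), so it runs offline; it also handles a capture file cut off mid-record, which is what a capture interrupted during writing leaves behind.

```python
import socket
import struct
from typing import Dict, List

PCAP_MAGIC = 0xA1B2C3D4      # classic pcap magic (microsecond timestamps)
LINKTYPE_ETHERNET = 1        # link-layer header type tcpdump records on Ethernet


def _ipv4_checksum(header: bytes) -> int:
    """One's-complement sum over the 16-bit words of an IPv4 header."""
    total = sum((header[i] << 8) | header[i + 1] for i in range(0, len(header), 2))
    while total >> 16:
        total = (total & 0xFFFF) + (total >> 16)
    return (~total) & 0xFFFF


def make_tcp_frame(src_ip: str, dst_ip: str, sport: int, dport: int, payload: bytes) -> bytes:
    """Constructed Ethernet/IPv4/TCP frame, used only as sample input."""
    tcp = struct.pack("!HHIIBBHHH", sport, dport, 1, 0, 5 << 4, 0x18, 65535, 0, 0) + payload
    ip = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 20 + len(tcp), 1, 0, 64, 6, 0,
                     socket.inet_aton(src_ip), socket.inet_aton(dst_ip))
    ip = ip[:10] + struct.pack("!H", _ipv4_checksum(ip)) + ip[12:]
    eth = bytes.fromhex("001122334455") + bytes.fromhex("66778899aabb") + b"\x08\x00"
    return eth + ip + tcp


def build_pcap(frames: List[bytes]) -> bytes:
    """Serialise frames into a pcap file the way a little-endian writer (tcpdump -w) does."""
    out = struct.pack("<IHHiIII", PCAP_MAGIC, 2, 4, 0, 0, 65535, LINKTYPE_ETHERNET)
    for i, frame in enumerate(frames):
        # record header: ts_sec, ts_usec, captured length, original length (constructed timestamps)
        out += struct.pack("<IIII", 1_500_000_000 + i, 0, len(frame), len(frame)) + frame
    return out


def _decode_frame(frame: bytes, ts: float, orig_len: int) -> Dict:
    """Decode Ethernet -> IPv4 -> TCP/UDP headers; anything else is reported, not guessed."""
    rec = {"ts": ts, "len": orig_len, "proto": None, "src": None, "dst": None,
           "sport": None, "dport": None, "payload": b""}
    if len(frame) < 14 or frame[12:14] != b"\x08\x00":
        rec["proto"] = "non-ipv4"
        return rec
    ip = frame[14:]
    if len(ip) < 20:
        return rec
    ip = ip[:struct.unpack("!H", ip[2:4])[0]]   # trim to IP total length (drops Ethernet padding)
    ihl = (ip[0] & 0x0F) * 4
    rec["src"], rec["dst"] = socket.inet_ntoa(ip[12:16]), socket.inet_ntoa(ip[16:20])
    l4 = ip[ihl:]
    if ip[9] == 6 and len(l4) >= 20:            # TCP
        rec["proto"] = "tcp"
        rec["sport"], rec["dport"] = struct.unpack("!HH", l4[:4])
        rec["payload"] = l4[(l4[12] >> 4) * 4:]
    elif ip[9] == 17 and len(l4) >= 8:          # UDP
        rec["proto"] = "udp"
        rec["sport"], rec["dport"] = struct.unpack("!HH", l4[:4])
        rec["payload"] = l4[8:]
    else:
        rec["proto"] = f"ip proto {ip[9]}"
    return rec


def parse_pcap(data: bytes) -> List[Dict]:
    """Read a classic pcap file (either byte order) into decoded packet records."""
    if len(data) < 24:
        raise ValueError("shorter than the 24-byte pcap global header")
    magic = struct.unpack("<I", data[:4])[0]
    if magic == PCAP_MAGIC:
        end = "<"
    elif magic == 0xD4C3B2A1:                   # same magic as written by a big-endian host
        end = ">"
    else:
        raise ValueError(f"not a classic pcap file (magic {magic:#x})")
    linktype = struct.unpack(end + "IHHiIII", data[:24])[6]
    if linktype != LINKTYPE_ETHERNET:
        raise ValueError(f"unsupported link type {linktype}")
    records, off = [], 24
    while off + 16 <= len(data):
        ts_sec, ts_usec, incl_len, orig_len = struct.unpack(end + "IIII", data[off:off + 16])
        frame = data[off + 16:off + 16 + incl_len]
        if len(frame) < incl_len:
            break                               # truncated final record: stop cleanly, keep the rest
        off += 16 + incl_len
        records.append(_decode_frame(frame, ts_sec + ts_usec / 1e6, orig_len))
    return records


def match_port(records: List[Dict], port: int) -> List[Dict]:
    """Equivalent of tcpdump's 'port N' filter primitive: either endpoint uses the port."""
    return [r for r in records if port in (r["sport"], r["dport"])]


def demo():
    frames = [  # constructed sample traffic
        make_tcp_frame("192.0.2.10", "192.0.2.80", 40000, 80, b"GET / HTTP/1.0\r\n\r\n"),
        make_tcp_frame("192.0.2.80", "192.0.2.10", 80, 40000, b"HTTP/1.0 200 OK\r\n"),
        make_tcp_frame("192.0.2.10", "192.0.2.22", 40001, 22, b"SSH-2.0-client\r\n"),
    ]
    records = parse_pcap(build_pcap(frames))
    return records, match_port(records, 80)


if __name__ == "__main__":
    for r in demo()[1]:
        print(f"{r['ts']:.6f} {r['proto']} {r['src']}:{r['sport']} > {r['dst']}:{r['dport']} "
              f"len {r['len']} payload {r['payload'][:16]!r}")
```

The same file could be produced with `tcpdump -w capture.pcap` and read back with `tcpdump -r capture.pcap port 80`; the script only shows what that file and filter contain. Checksums are computed for the constructed input but not verified on parsing, which matches tcpdump's default behavior.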

The main areas of application of tcpdump are:

  • Debugging programs that communicate over the network.
  • Troubleshooting the network infrastructure itself.
  • Recording and displaying the communication of other users and computers. This allows users with access to routers or gateways within a network to monitor and record the communication between different participants in the network. Since some protocols transmit their data unencrypted, passwords and user data can be obtained from the network in this way.
