= tcpdump - dump traffic on a network =

tcpdump #on its own it will list all packets #quite slow and shows too much

tcpdump -n #does not resolve IP addresses tcpdump -n | grep IP address tcpdump dst ipaddress #shows traffic with the destination of the IP tcpdump src ipaddress #shows traffic with the source of the IP tcpdump src ipaddress -c 1 #capture 1 packet and stop tcpdump src ipaddress -c 1 -X #show contents of the packet tcpdump src ipaddress -c 1 -XX -vv #show contents and header (XX) and verbose tcpdump src ipaddress and port 80

tcpdump -vv ip6 -i eth0 Good ref: http://danielmiessler.com/study/tcpdump/