In this post, you will learn what TCPdump is and how it works. This is just an overview; I have written a separate post on how to download and work with the tool, which you can find in the hacking tools menu.
What is TCPdump?
TCPdump is a packet-capturing and network-analysis tool that is mostly used as an alternative to Wireshark. It has no GUI; it is a command-line tool.
I personally did not like the tool because of its command-line interface, and it’s tough to identify the packets because of their appearance.
By default, this tool uses the libpcap library to capture all the packets.
The tool was initially released in 1988. It was developed by four people, Van Jacobson, Sally Floyd, Vern Paxson and Steven McCanne, and it is written in the C language.
That’s why I suggest my readers study the C language.
Who can use TCPdump
This tool works on almost all operating systems, such as Windows, Linux, macOS, FreeBSD and many others.
How TCPdump works?
TCPdump works much the same way as Nmap: both tools use the -p command to scan the ping in packets, so the commands are very similar.
This tool is specially made to scan TCP/IP protocols. The reason is that in the older days TCP and IP were in practical use; the OSI (Open Systems Interconnection) model, which is used everywhere, came later.
The tool is able to scan all the ports in TCP and IP. The tcpdump organisation gives constant updates, so the tool can still perform some cool features.
If you know something about the tool, comment down below.
I don’t use the tool very much, but in my view, because the tool is command-line based, its reports are not displayed in an arranged manner. Some alternatives to the tool are Wireshark and Zenmap.
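The one-line-per-packet text that tcpdump prints can be arranged into columns with a short script. The following is an added example, not part of the original post: the sample lines are constructed, the parser assumes tcpdump's usual IPv4 output with numeric addresses and ports (as printed with -nn), and the function names are hypothetical.

```python
import re

# Constructed sample lines in the shape tcpdump -nn prints; not real traffic.
SAMPLE = """\
10:15:01.000001 IP 192.0.2.10.51514 > 198.51.100.5.443: Flags [S], seq 1000, win 64240, length 0
10:15:01.020300 IP 198.51.100.5.443 > 192.0.2.10.51514: Flags [S.], seq 2000, ack 1001, win 65535, length 0
10:15:01.020410 IP 192.0.2.10.51514 > 198.51.100.5.443: Flags [.], ack 1, win 502, length 0
10:15:02.500000 IP 192.0.2.10.40000 > 203.0.113.53.53: 4242+ A? example.com. (29)
10:15:03.000000 ARP, Request who-has 192.0.2.1 tell 192.0.2.10, length 28
"""

# timestamp, "IP", src.port > dst.port:, then the protocol-specific remainder
LINE = re.compile(
    r"^(?P<time>\d{2}:\d{2}:\d{2}\.\d+) IP "
    r"(?P<src>\d+(?:\.\d+){3})\.(?P<sport>\d+) > "
    r"(?P<dst>\d+(?:\.\d+){3})\.(?P<dport>\d+): (?P<rest>.*)$"
)
FLAGS = re.compile(r"^Flags \[(?P<flags>[^\]]*)\]")

def parse_line(line):
    """Return a dict for an IPv4 line with ports, or None for anything else."""
    m = LINE.match(line.strip())
    if not m:
        return None
    rec = m.groupdict()
    rec["sport"], rec["dport"] = int(rec["sport"]), int(rec["dport"])
    f = FLAGS.match(rec["rest"])  # only TCP lines carry "Flags [...]"
    rec["flags"] = f.group("flags") if f else ""
    rec["proto"] = "tcp" if f else "other"
    return rec

def parse(text):
    return [r for r in map(parse_line, text.splitlines()) if r]

def syn_only(records):
    """Connection attempts: SYN without ACK, which tcpdump prints as 'S'."""
    return [r for r in records if r["flags"] == "S"]

def table(records):
    rows = [f"{'time':<17}{'source':<22}{'destination':<22}flags"]
    for r in records:
        src = f"{r['src']}:{r['sport']}"
        dst = f"{r['dst']}:{r['dport']}"
        rows.append(f"{r['time']:<17}{src:<22}{dst:<22}{r['flags'] or '-'}")
    return "\n".join(rows)

if __name__ == "__main__":
    recs = parse(SAMPLE)
    print(table(recs))
    print("SYN-only packets:", len(syn_only(recs)))
```

Lines the pattern does not recognise, such as the ARP line in the sample, are skipped rather than guessed at.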