Informatika & Komputer    
   
Daftar Isi
(Sebelumnya) TCPDFTea (programming language) (Berikutnya)

tcpdump

tcpdump
tcpdump console output
tcpdump console output
Developer(s)The Tcpdump team
Stable release4.3.0 / June 12, 2012; 9 months ago (2012-06-12)[1]
Operating systemLinux, Solaris, FreeBSD, NetBSD, OpenBSD, Mac OS X, additional *NIX systems, Windows
TypePacket analyzer
LicenseBSD license[2]
Websitewww.tcpdump.org

tcpdump is a common packet analyzer that runs under the command line. It allows the user to intercept and display TCP/IP and other packets being transmitted or received over a network to which the computer is attached. Distributed under the BSD license,[3] tcpdump is free software.

Tcpdump works on most Unix-like operating systems: Linux, Solaris, BSD, Mac OS X, HP-UX and AIX among others. In those systems, tcpdump uses the libpcap library to capture packets. The port of tcpdump for Windows is called WinDump; it uses WinPcap, the Windows port of libpcap.

Contents

History

It was originally written in 1987 by Van Jacobson, Craig Leres and Steven McCanne who were, at the time, working in the Lawrence Berkeley Laboratory Network Research Group. By the late 1990s there were numerous versions of tcpdump distributed as part of various operating systems, and numerous patches that were not well coordinated. Michael Richardson (mcr) and Bill Fenner created www.tcpdump.org in 1999.

Common uses

Tcpdump analyzes network behavior, performance and applications that generate or receive network traffic. It can also be used for analyzing the network infrastructure itself by determining whether all necessary routing is occurring properly, allowing the user to further isolate the source of a problem.

It is also possible to use tcpdump for the specific purpose of intercepting and displaying the communications of another user or computer. A user with the necessary privileges on a system acting as a router or gateway through which unencrypted traffic such as Telnet or HTTP passes can use tcpdump to view login IDs, passwords, the URLs and content of websites being viewed, or any other unencrypted information.

The user may optionally apply a BPF-based filter to limit the number of packets seen by tcpdump; this renders the output more usable on networks with a high volume of traffic.

Privileges required

In some Unix-like operating systems, a user must have superuser privileges to use tcpdump because the packet capturing mechanisms on those systems require elevated privileges. However, the -Z option may be used to drop privileges to a specific unprivileged user after capturing has been set up. In other Unix-like operating systems, the packet capturing mechanism can be configured to allow non-privileged users to use it; if that is done, superuser privileges are not required.

See also

Portal iconFree software portal
  • Packetsquare, A protocol field (pcap) editor and replay tool
  • Tcptrace, a tool for analyzing the logs produced by tcpdump
  • EtherApe, a network mapping tool that relies on sniffing traffic
  • Ngrep, a tool that can match regular expressions within the network packet payloads
  • netsniff-ng, a free Linux networking toolkit

References

  1. ^ "tcpdump and libpcap latest release". tcpdump & libpcap. 2012-06-12. Retrieved 2012-06-12. 
  2. ^ "tcpdump and libpcap license". tcpdump & libpcap. 2005.02.20. Retrieved 2012-04-13. 
  3. ^ "LICENSE file from source code (public GIT repository)". 

External links

(Sebelumnya) TCPDFTea (programming language) (Berikutnya)