Wednesday, September 9, 2009

Group8_Vintageboys:TCPdump

As said previously, tcpdump is an analyser tool that displays the packets flowing through a network or through an interface on a computer or a server (where it analyses the packets the server is using).
It allows us to view the entire Ethernet frame, or other link-layer frame, and to print the frame header if required. By default, tcpdump prints packets at the IP layer.
tcpdump helps in solving a variety of problems, and analysts say that the number of server-based problems that can be solved with it is limitless, since it prints detailed information about network traffic and helps in debugging denial-of-service attacks. If a network is flooded and all other attempts to determine the source or destination of the traffic fail, tcpdump will show you the source address, destination address, and type of traffic involved.
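
An added example (not part of the original post) of the flood triage described above: it tallies source address, destination address, and traffic type from tcpdump's text output. The sample lines are constructed with documentation address ranges, the function names are this example's own, and only IPv4 lines are handled.

```python
import re
from collections import Counter

# Constructed sample in the style of `tcpdump -nn` output (not a real capture).
SAMPLE = "\n".join(
    [f"12:00:00.{i:06d} IP 203.0.113.7.{40000 + i} > 192.0.2.10.80: "
     f"Flags [S], seq {1000 + i}, win 64240, length 0" for i in range(6)]
    + ["12:00:01.000100 IP 198.51.100.23.51514 > 192.0.2.10.443: "
       "Flags [.], ack 1, win 501, length 0",
       "12:00:01.000200 IP 198.51.100.23.40000 > 192.0.2.10.9999: UDP, length 48",
       "12:00:01.000300 IP 198.51.100.5 > 192.0.2.10: "
       "ICMP echo request, id 1, seq 1, length 64",
       "12:00:01.000400 ARP, Request who-has 192.0.2.10 tell 192.0.2.1, length 28"]
)

# timestamp, "IP", source, ">", destination, ":", then the protocol summary.
LINE = re.compile(r"^\S+ IP (?P<src>\S+) > (?P<dst>\S+): (?P<rest>.*)$")


def strip_port(endpoint):
    """tcpdump appends the port as a fifth dotted field (192.0.2.10.80)."""
    return endpoint.rsplit(".", 1)[0] if endpoint.count(".") == 4 else endpoint


def classify(rest):
    """Name the traffic type from the text after the destination."""
    if rest.startswith("Flags ["):
        flags = rest[len("Flags ["):rest.index("]")]
        return "TCP SYN" if flags == "S" else "TCP"
    for proto in ("UDP", "ICMP"):
        if rest.startswith(proto):
            return proto
    return "other"


def summarize(text):
    """Count packets per source, destination and traffic type (IPv4 only)."""
    out = {"sources": Counter(), "destinations": Counter(), "types": Counter()}
    for line in text.splitlines():
        m = LINE.match(line)
        if not m:          # ARP, IP6 and continuation lines are skipped
            continue
        out["sources"][strip_port(m["src"])] += 1
        out["destinations"][strip_port(m["dst"])] += 1
        out["types"][classify(m["rest"])] += 1
    return out


if __name__ == "__main__":
    for name, counts in summarize(SAMPLE).items():
        print(name, counts.most_common(3))
```

On a live host the same function can be fed the text that `tcpdump -nn` writes to standard output; `-nn` keeps addresses and ports numeric so the counts are not split by name resolution.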
