No Starch Press, 2019. — 12 p.
Tcpdump is a useful tool for seeing what network packets are being sent/received on a computer. I used to be really confused about tcpdump! I’d run tcpdump, it would print a bunch of incomprehensible output, I’d look at the man page, and I’d run away.
I’ve learned a lot more about it and these days, I feel really comfortable with tcpdump! I’ll see a networking problem, think “oh, no big deal, I’ll just fire up tcpdump!”, and be one step closer to figuring it out.
So I decided to write a short 12-page zine to explain tcpdump basics so that you too can realize “hey, this isn’t so bad!”.
Ever wanted to know how to use tcpdump, but were intimidated by all the command line options? I was too! But then I learned it, and it wasn't as bad as I thought.
In this zine we'll explain:
- what kinds of questions you can answer with tcpdump
- how to interpret tcpdump output
- which command line arguments are the really important ones
- how to write a BPF filter to filter tcpdump output
- and more!