How to Install Tcpdump on Ubuntu?

Step 1: Open your terminal using All Application or by using the shortcut CTRL + ALT + T.

Step 2: Once the terminal is been opened, update the system by executing the below apt command.

sudo apt-get update

Step 3: Now, by using the below command Install tcpdump on the Ubuntu system.

sudo apt-get install tcpdump

For Redhat or Centos:

yum install tcpdump

For Latest version of Redhat we can also use.

dnf install tcpdump

Step 4: After installing tcpdump run the below command to check and to know if the tcpdump has been installed on your system.

tcpdump --version

Tcpdump is the command line tool that allows the user to capture and analyze network traffic by intercepting and displaying packets that are being created and received by the user’s system. It allows users to capture and inspect network traffic in real-time as it passes through a network interface.

Features:

• Packet Capture: Tcpdump can capture packets traversing a network interface, making it possible to analyze the content of data packets, including headers and payloads.
• Protocol Analysis: It can decode and display packets for a wide range of network protocols, such as TCP, UDP, ICMP, HTTP, FTP, and more. This makes it a versatile tool for debugging and monitoring network communications.
• Filter and Display: Tcpdump allows users to apply filters to capture only specific types of packets or traffic originating from particular IP addresses or ports. This selective capturing helps in focusing on specific network events or troubleshooting particular network issues.
• Real-time Monitoring: Tcpdump displays captured packets in real-time, enabling administrators to monitor network activity as it happens. This is especially useful for diagnosing network problems and detecting suspicious or unexpected traffic patterns.