tcpdump – dump traffic on a network

NAME
tcpdump – dump traffic on a network

DESCRIPTION
Tcpdump prints out a description of the contents of packets on a network
interface that match the boolean expression; the description is preceded
by a time stamp, printed, by default, as hours, minutes, seconds, and
fractions of a second since midnight. It can also be run with the -w
flag, which causes it to save the packet data to a file for later
analysis, and/or with the -r flag, which causes it to read from a saved
packet file rather than to read packets from a network interface. It can
also be run with the -V flag, which causes it to read a list of saved
packet files. In all cases, only packets that match expression will be
processed by tcpdump.

If you’re using an Ethernet network interface, type or paste this command (if you use a Mac Pro you may need to change en0 to en1 as noted above):

sudo tcpdump -i en0 -s 0 -B 524288 -w ~/Desktop/DumpFile01.pcap

Link
https://theagileadmin.com/2017/05/26/tcpdump-and-wireshark-on-osx/

https://macblog.org/mdmpackettrace/

Leave a Comment

Your email address will not be published. Required fields are marked *

Scroll to Top
Share via
Copy link