swMATH ID: 4165
Software Authors: Van Jacobson, Craig Leres and Steven McCanne, all of the Lawrence Berkeley National Laboratory, University of California, Berkeley, CA.
Description: Tcpdump prints out a description of the contents of packets on a network interface that match the boolean expression. It can also be run with the -w flag, which causes it to save the packet data to a file for later analysis, and/or with the -r flag, which causes it to read from a saved packet file rather than to read packets from a network interface. In all cases, only packets that match expression will be processed by tcpdump. Tcpdump will, if not run with the -c flag, continue capturing packets until it is interrupted by a SIGINT signal (generated, for example, by typing your interrupt character, typically control-C) or a SIGTERM signal (typically generated with the kill(1) command); if run with the -c flag, it will capture packets until it is interrupted by a SIGINT or SIGTERM signal or the specified number of packets have been processed.
Homepage: http://www.tcpdump.org/
Programming Languages: C/C++
Operating Systems: BSDs (including Mac OS X) and Digital/Tru64 UNIX
Dependencies: None
Keywords: intrusion Detection System; snort; TCP/IP; TCPdump; filter; session hijacking; ICMP; smurf attack; tribe flood network; WinFreeze; loki; port scan; host scan; denial of service; distributed denial of service; land attack; WinNuke; CIDF; CISL; IDWG; OPSEC; CCI; IMAP; teardrop; ping of death; RPC
Related Software: Snort; ns-2; WebStat; PVM; NetLogger; SPLASH-2; NAS Parallel Benchmarks; MPI/MPICH; mySVM; SOM; LIBSVM; SVMlight; R; dcfldd; Sleuth Kit Autopsy; MemParser; Forensically; DETER; GeMSS; Falcon
Cited in: 12 Documents

Citations by Year