TCPdump: How to set it up and use it



Tcpdump is a CLI-based tool for capturing packets. It analyzes packets, decodes data payloads if the encryption keys can be deciphered, and recognizes file transfer payloads (SMTP, HTTP, etc.). The program lets the user watch packets being sent and received across a network. Tcpdump is free software licensed under the BSD license, and it runs on Linux and almost any other UNIX-based operating system.


In this article, we will explain how to set up tcpdump and use it.



Step 1: Configure VPSie cloud server


  1. Sign in to your system or register a newly created one by logging in to your VPSie account.
  2. Connect by SSH using the credentials we emailed you.
  3. Once you have logged into your Ubuntu instance, run these commands to update your system.
apt-get update && apt-get upgrade -y


Step 2: Install TCPdump


Install tcpdump by running the command for your distribution.


For CentOS/RHEL,


yum install tcpdump


For Debian and Ubuntu,


apt-get install tcpdump


Run this command to verify the installation,


# tcpdump --version
tcpdump version 4.9.3 libpcap version 1.8.1 OpenSSL 1.1.1d 10 Sep 2019



Step 3: Using tcpdump


1. Run the following command to find out what interfaces are available on the system.


tcpdump -D




# tcpdump -D

1.eth0 [Up, Running]
2.eth1 [Up, Running]
3.any (Pseudo-device that captures on all interfaces) [Up, Running]
4.lo [Up, Running, Loopback] 


2. Run the following command to capture packets from a specific interface,


tcpdump -i eth0


3. Run the following command to capture packets with IP addresses shown numerically instead of being resolved to hostnames (-n),


tcpdump -n -i eth0


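4. Run the following command to capture only TCP packets; -c 20 stops after 20 packets and -w writes them to the file tcpanalyze.pcap instead of printing them,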


tcpdump -i eth0 -c 20 -w tcpanalyze.pcap tcp


5. Run the following command to capture packets from a specific port,


tcpdump -i eth0 port 80


Filter records by source and destination IP address,


Obtain packets from a source IP (replace SOURCE_IP with the address to match),


tcpdump -i eth0 src SOURCE_IP


Obtain packets from a destination IP (replace DEST_IP with the address to match),


tcpdump -i eth0 dst DEST_IP
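
To see what a file such as tcpanalyze.pcap written by -w contains, and how the port, src and dst filters select packets, the following added Python example (not part of the original article) parses a classic pcap capture and applies the same tests offline. It assumes an Ethernet capture of IPv4 traffic; the function names and the sample packets, which use documentation addresses, are constructed for illustration.

```python
import socket
import struct

def read_pcap(data):
    """Yield (src, sport, dst, dport) for each IPv4/TCP packet in a classic pcap."""
    magic = data[:4]
    if len(data) < 24 or magic not in (b"\xd4\xc3\xb2\xa1", b"\xa1\xb2\xc3\xd4"):
        raise ValueError("not a classic microsecond pcap file")
    end = "<" if magic == b"\xd4\xc3\xb2\xa1" else ">"   # byte order of the writer
    if struct.unpack(end + "I", data[20:24])[0] != 1:
        raise ValueError("only Ethernet captures (link type 1) are handled")
    off = 24                                    # skip the 24-byte global header
    while off + 16 <= len(data):
        caplen = struct.unpack(end + "I", data[off + 8:off + 12])[0]
        frame = data[off + 16:off + 16 + caplen]
        off += 16 + caplen                      # 16-byte record header + data
        if len(frame) < 34 or frame[12:14] != b"\x08\x00":
            continue                            # not IPv4
        ihl = (frame[14] & 0x0F) * 4            # IPv4 header length in bytes
        frag = struct.unpack("!H", frame[20:22])[0] & 0x1FFF
        if frame[23] != 6 or frag or len(frame) < 14 + ihl + 4:
            continue                            # not TCP, or no TCP header here
        sport, dport = struct.unpack("!HH", frame[14 + ihl:18 + ihl])
        yield (socket.inet_ntoa(frame[26:30]), sport,
               socket.inet_ntoa(frame[30:34]), dport)

def match(pkts, src=None, dst=None, port=None):
    """AND of tcpdump-style 'src', 'dst' and 'port' tests (port matches either side)."""
    return [p for p in pkts if src in (None, p[0]) and dst in (None, p[2])
            and (port is None or port in (p[1], p[3]))]

def build_sample():
    """Constructed sample capture: 3 TCP packets and 1 UDP packet."""
    rows = [("192.0.2.10", "198.51.100.5", 40000, 80, 6),
            ("198.51.100.5", "192.0.2.10", 80, 40000, 6),
            ("192.0.2.10", "198.51.100.9", 40001, 22, 6),
            ("192.0.2.10", "198.51.100.5", 5353, 53, 17)]
    out = struct.pack("<IHHiIII", 0xA1B2C3D4, 2, 4, 0, 0, 65535, 1)
    for src, dst, sport, dport, proto in rows:
        ip = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 24, 0, 0, 64, proto, 0,
                         socket.inet_aton(src), socket.inet_aton(dst))
        frame = b"\x00" * 12 + b"\x08\x00" + ip + struct.pack("!HH", sport, dport)
        out += struct.pack("<IIII", 0, 0, len(frame), len(frame)) + frame
    return out

if __name__ == "__main__":
    for p in match(read_pcap(build_sample()), port=80):
        print("%s.%d > %s.%d" % p)
```

To run it on a real capture, pass the bytes of the capture file (for example `open("tcpanalyze.pcap", "rb").read()`) to `read_pcap` in place of `build_sample()`.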


That’s it, thanks for reading! I hope it was informative for you!

