tcpdump is a program that performs capture of packet information for IP packets. It originally supported only TCP packets, but has since grown to decode all manner of protocols, including UDP and ICMP.
- Capture information to file with -w as on slower hosts you will drop information if you capture and display at same time. When you capture you also get to look at again (and again and again).
- Use -s0, as the default capture length does not capture enough information for many Protocols.