Winpcap and Windump

From Free Knowledge Base- The DUCK Project: information for everyone
Revision as of 17:05, 7 July 2007 by Admin (Talk | contribs)

WinDump: tcpdump for Windows

WinDump is able to use the interfaces exported by WinPcap. WinDump can run on all the operating systems supported by WinPcap, i.e. Windows 95, 98, ME, NT4, 2000, XP, 2003, Longhorn/Vista.

  • windump -p : capture in non-promiscuous mode
  • windump -D : show available interfaces
  • windump -i 2 : select the second network interface
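
The interface number passed to -i comes from the -D listing, so it can differ from one machine to the next. The following is an added example, not part of the original page or of WinDump itself: it parses a -D listing, picks the interface by its description, and builds a bounded non-promiscuous capture command from the -p, -i, -c, -s and -w options in the synopsis. The listing format ("index.device (description)"), the sample listing, the helper names, the output file name and the default count and snaplen values are assumptions made for the example.

```python
import re

# Constructed sample of `windump -D` output (GUIDs are made up for this example).
SAMPLE_D_OUTPUT = r"""
1.\Device\NPF_GenericDialupAdapter (Adapter for generic dialup and VPN capture)
2.\Device\NPF_{11111111-2222-3333-4444-555555555555} (Intel(R) PRO/1000 MT Network Connection)
3.\Device\NPF_{AAAAAAAA-BBBB-CCCC-DDDD-EEEEEEEEEEEE}
"""

# "<index>.<device name>" optionally followed by " (<description>)".
# The description may itself contain parentheses, e.g. "Intel(R)".
_LINE = re.compile(r"^(\d+)\.(\S+)(?:\s+\((.*)\))?\s*$")


def parse_interfaces(text):
    """Return a list of (index, device, description) tuples from a -D listing."""
    found = []
    for line in text.splitlines():
        m = _LINE.match(line.strip())
        if m:
            found.append((int(m.group(1)), m.group(2), m.group(3) or ""))
    return found


def pick_interface(interfaces, needle):
    """Return the index of the single interface whose description contains needle."""
    hits = [i for i in interfaces if needle.lower() in i[2].lower()]
    if len(hits) != 1:
        # Refuse to guess: capturing on the wrong adapter yields misleading data.
        raise ValueError(f"expected exactly one match for {needle!r}, got {len(hits)}")
    return hits[0][0]


def capture_command(index, outfile, count=1000, snaplen=96):
    """Build an argument list for a bounded, non-promiscuous capture to a file."""
    return ["windump", "-p", "-i", str(index),
            "-c", str(count), "-s", str(snaplen), "-w", outfile]


if __name__ == "__main__":
    ifaces = parse_interfaces(SAMPLE_D_OUTPUT)
    idx = pick_interface(ifaces, "PRO/1000")
    print(" ".join(capture_command(idx, "capture.pcap")))
```
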

man page

tcpdump - dump traffic on a network

SYNOPSIS

tcpdump [ -AdDeflLnNOpqRStuUvxX ] [ -c count ]
        [ -C file_size ] [ -F file ]
        [ -i interface ] [ -m module ] [ -M secret ]
        [ -r file ] [ -s snaplen ] [ -T type ] [ -w file ]
        [ -W filecount ]
        [ -E spi@ipaddr algo:secret,... ]
        [ -y datalinktype ] [ -Z user ]
        [ expression ]