Winpcap and Windump

From Free Knowledge Base- The DUCK Project: information for everyone
Revision as of 17:20, 7 July 2007 by Admin (Talk | contribs)

Jump to: navigation, search

WinDump: tcpdump for Windows

WinDump is able to use the interfaces exported by WinPcap. WinDump can run on all the operating systems supported by WinPcap, i.e. Windows 95, 98, ME, NT4, 2000, XP, 2003, Longhorn/Vista.

  • windump -p : Capture in non-promiscuous mode.
  • windump -D : Show available interfaces.
  • windump -i 2 : Select the second network interface. It is easier to specify the interface number rather than by name.


man page 

tcpdump - dump traffic on a network  
SYNOPSIS
tcpdump [ -AdDeflLnNOpqRStuUvxX ] [ -c count ]

        [ -C file_size ] [ -F file ]

        [ -i interface ] [ -m module ] [ -M secret ]

        [ -r file ] [ -s snaplen ] [ -T type ] [ -w file ]

        [ -W filecount ]

        [ -E spi@ipaddr algo:secret,... ]

        [ -y datalinktype ] [ -Z user ]
        [ expression ]

The complete windump manual: http://www.winpcap.org/windump/docs/manual.htm

Retrieved from "https://wiki.robotz.com/index.php?title=Winpcap_and_Windump&oldid=867"