Skip to content

Linux Quickie: Listen To Network Traffic

How to listen to network traffic in linux. A fast guide for every novice or expert that forgot the command. Easy sniffing.

An easy way to listen to network traffic flowing through a specific network interface is tcpdump. You can set it to listen to different kind of things. You just have to set the filters properly.

Let’s say you’re “sniffing” your network by listening on the port 80 (standart http). You would have to use the following command:

$ sudo tcpdump -i eth0 -v 'tcp port 80'

-i specifies the interface to listen to. In this example it’s the default ethernet interface eth0.

-v specifies a pcap-filter. Read more about them in the manpage.

You could use this method to sort of make a man-in-the-middle attack, by providing a hotspot from your phone or something. Or you could just read what’s happening in the enterprise network. Both for security reasons of course.

Published inLinuxQuickies

Be First to Comment

Leave a Reply

%d bloggers like this: