Home

tcpdump for windows

Introduction

tcpdump for windows is everything you need to run "tcpdump" on Microsoft Windows in a single portable executable.

The "-i" option has been modified to support IP addresses in addition to interface names. The IP address can be a local address or a remote one.

Usage

  • Basic usage:
    • C:> tcpdump -nn -i 0.0.0.0
  • Write out a capture file (which can be read by "wireshark" or "tcpdump"):
    • C:> tcpdump -i 0.0.0.0 -w capture.pcap

Full documentation for tcpdump can be found in the tcpdump(1) man page.

Next Steps