tcpdump for windows
Introduction
tcpdump for windows is everything you need to run "tcpdump" on Microsoft Windows in a single portable executable.
The "-i" option has been modified to support IP addresses in addition to interface names. The IP address can be a local address or a remote one.
Usage
- Basic usage:
C:> tcpdump -nn -i 0.0.0.0
- Write out a capture file (which can be read by "wireshark" or "tcpdump"):
C:> tcpdump -i 0.0.0.0 -w capture.pcap
Full documentation for tcpdump can be found in the tcpdump(1) man page.