Ubuntu: Using tcpdump for analysis of network traffic and port usage

tcpdump comes standard on Ubuntu servers and is an invaluable tool in determining traffic coming in and out of a host.

As network infrastructures have become more complex and security conscious, validating network flow from client hosts through potentially multiple proxies and ultimately to a destination host and port has become more important than ever.

Let me list a few of the more common use cases.

Continue reading “Ubuntu: Using tcpdump for analysis of network traffic and port usage”