Intruder Detection with tcpdump

The Author

David J. Dodd holds a current Top Secret DoD Clearance and is available for consulting on various Information Assurance projects. A former US Marine with an Avionics background in Electronic Countermeasures Systems, David has given talks at the San Diego Regional Security Conference and SDISSA. He is a member of InfraGard and contributes to Securing Our eCity (http://securingourecity.org). He works for pbnetworks Inc. (http://pbnetworks.net), a service-disabled-veteran–owned business located in San Diego, CA. You can contact him by emailing dave@pbnetworks.net.
