Why does tcpdump not come precompiled and how to compile it?

0

Hello, I recently downloaded tcpdump from the www.tcpdump.org/ website, extracted the tar.gz file, and found nothing but source and header files. I do not possess the necessary knowledge to get a working .exe. If someone could assist me with the task, I would appreciate it.

AlanZ2223

Posted 2014-10-14T23:02:16.440

Reputation: 119

What OS are you using? – Paul – 2014-10-14T23:17:08.970

Using Windows 8.1 – AlanZ2223 – 2014-10-14T23:22:54.363

Answers

1

tcpdump is a tool for Unix / Linux based systems for capturing traffic at the packet level. It comes as a source package, as it is an open source package aimed at:

  1. End users that wish to compile themselves
  2. Linux / Unix distribution providers that will package the app in a way suitable for installation (in which case an end user would simply install it using a package manager)

While there are Windows versions of tcpdump available, the underlying capture method works differently to *nix systems.

You would be better off choosing a tool built for Windows, such as Wireshark (GUI-based capture tool) or WinDump, which is a command line tool that syntactically operates in the same way as tcpdump. Both are based on the WinPcap library for packet capture.

Paul

Posted 2014-10-14T23:02:16.440

Reputation: 52 173

Very reasonable. Are there any major discrepancies between tcpdump and WinDump? – AlanZ2223 – 2014-10-14T23:59:01.353

Both the syntax of the command and the output .cap format are supposed to be interoperable with tcpdump. As they are based on WinPcap, I think you can trust this - I have never had an issue with a .cap file not working across .cap compatible apps on different operating systems. – Paul – 2014-10-15T00:19:34.763

WinDump is a Windows version of tcpdump. It's not based on the latest version of tcpdump, so there may be differences between it and more recent versions of tcpdump. WinPcap is also libpcap-based, so the file format it reads and writes is the same pcap format that libpcap reads and writes (it's based on an older version of libpcap which didn't include support for reading pcap-ng files). – None – 2014-10-15T19:09:32.530
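
The file-format point raised in the comments above can be checked before a capture is handed to WinDump or another tool built on an older libpcap. The following Python is an added example, not code from the original thread: it reads a capture file's leading bytes and reports whether it is classic pcap or pcap-ng, using the magic numbers from the published pcap and pcapng format specifications. The function name `identify_capture` and the sample bytes are constructed for illustration.

```python
import struct
import sys

# File magics from the pcap and pcapng format specifications.
PCAP_MAGICS = {
    b"\xd4\xc3\xb2\xa1": ("<", "microsecond"),  # written on a little-endian host
    b"\xa1\xb2\xc3\xd4": (">", "microsecond"),  # written on a big-endian host
    b"\x4d\x3c\xb2\xa1": ("<", "nanosecond"),
    b"\xa1\xb2\x3c\x4d": (">", "nanosecond"),
}
PCAPNG_SHB = b"\x0a\x0d\x0d\x0a"  # Section Header Block type (a palindrome)
PCAPNG_BOM = 0x1A2B3C4D           # byte-order magic inside the SHB


def identify_capture(data: bytes) -> dict:
    """Classify the leading bytes of a capture file as pcap, pcapng or unknown."""
    magic = data[:4]
    if magic in PCAP_MAGICS:
        if len(data) < 24:
            return {"format": "pcap", "error": "truncated global header"}
        endian, resolution = PCAP_MAGICS[magic]
        major, minor, _zone, _sigfigs, snaplen, linktype = struct.unpack(
            endian + "HHiIII", data[4:24])
        return {"format": "pcap", "version": f"{major}.{minor}",
                "timestamps": resolution, "snaplen": snaplen,
                "linktype": linktype}
    if magic == PCAPNG_SHB:
        if len(data) < 16:
            return {"format": "pcapng", "error": "truncated section header"}
        for endian in ("<", ">"):
            if struct.unpack(endian + "I", data[8:12])[0] == PCAPNG_BOM:
                major, minor = struct.unpack(endian + "HH", data[12:16])
                return {"format": "pcapng", "version": f"{major}.{minor}"}
        return {"format": "unknown", "error": "bad pcapng byte-order magic"}
    return {"format": "unknown"}


# Constructed samples: a pcap global header (v2.4, snaplen 65535, Ethernet)
# and a minimal 28-byte pcapng Section Header Block (v1.0, no options).
SAMPLE_PCAP = struct.pack("<IHHiIII", 0xA1B2C3D4, 2, 4, 0, 0, 65535, 1)
SAMPLE_PCAPNG = struct.pack("<IIIHHqI", 0x0A0D0D0A, 28, PCAPNG_BOM, 1, 0, -1, 28)

if __name__ == "__main__":
    if len(sys.argv) > 1:  # classify a real file given on the command line
        with open(sys.argv[1], "rb") as fh:
            print(identify_capture(fh.read(24)))
    else:
        print(identify_capture(SAMPLE_PCAP), identify_capture(SAMPLE_PCAPNG))
```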