On the surface, tcpdump looks fairly simple.
And generally speaking, it is. The default output is on the left, and for the most part, it’s probably the easiest to read.
On the right is the -A flag, which displays ASCII and looks a little less coherent. Of course, networking is not my strong point, so it may be that there’s a use I don’t know about.
I’m going to pull up short on tcpdump, mostly because I still have about 100 more titles in the T section, and because it is among the grand poo-bahs of network tools, right up there with nmap, netcat and the almighty ping. 🙄
I also don’t know of much tcpdump kung-fu. So the less time I spend with it, the less of a chance I embarrass myself trying to explain how to use it. 😐 😳