How to use the tcpdump command to capture network packets on Ubuntu?

by georgiana.senger , in category: Networking & Wireless , a year ago

1 answer

by aliya.yundt , a year ago

@georgiana.senger 

To use the tcpdump command to capture network packets on Ubuntu, you can follow these steps:

  1. Open a terminal window on your Ubuntu system.
  2. Run the following command to install tcpdump (if it is not already installed):

         sudo apt-get install tcpdump

  3. Run the following command to capture network packets on a specific network interface (replace "interface" with the name of the network interface you want to use, such as eth0 or wlan0):

         sudo tcpdump -i interface

  4. You can also specify a specific port number to capture packets that are sent or received on that port by adding the port number after the interface name. For example, to capture packets on port 80 on the eth0 interface, you would use the following command:

         sudo tcpdump -i eth0 port 80

  5. By default, tcpdump will capture packets continuously until you stop the capture manually by pressing Ctrl+C. You can also specify a specific number of packets to capture by using the -c option followed by the number of packets you want to capture. For example, to capture only 100 packets on the eth0 interface, you would use the following command:

         sudo tcpdump -i eth0 -c 100

  6. Finally, you can save the captured packets to a file by using the -w option followed by the name of the file you want to save to. For example, to capture packets on the eth0 interface and save them to a file called "captured.pcap", you would use the following command:

         sudo tcpdump -i eth0 -w captured.pcap


Note: Capturing network packets requires administrative privileges, so you may need to run tcpdump with sudo or as root.
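
Steps 3 to 6 above combined into a single bounded capture, as an added example that is not part of the original answer. The helper name `capture_port` and the `DRY_RUN` variable are assumptions made for this illustration; the tcpdump options are the ones used in the answer.

```shell
# capture_port IFACE PORT COUNT OUTFILE
# Hypothetical helper: validates its arguments, then runs one capture that
# uses -i, a port filter, -c and -w together. DRY_RUN=1 prints the command.
capture_port() {
    iface=$1 port=$2 count=$3 outfile=$4

    # Interface: non-empty, no leading "-", safe characters, max 15 chars (Linux limit).
    case $iface in
        ''|-*|*[!A-Za-z0-9_.:-]*) echo "invalid interface: $iface" >&2; return 1 ;;
    esac
    [ "${#iface}" -le 15 ] || { echo "interface name too long: $iface" >&2; return 1; }

    # Port: decimal integer 1..65535, no leading zeros.
    case $port in
        ''|0*|*[!0-9]*) echo "invalid port: $port" >&2; return 1 ;;
    esac
    { [ "${#port}" -le 5 ] && [ "$port" -le 65535 ]; } ||
        { echo "port out of range: $port" >&2; return 1; }

    # Count: positive decimal integer, so the capture always terminates.
    case $count in
        ''|0*|*[!0-9]*) echo "invalid count: $count" >&2; return 1 ;;
    esac

    # Output file: a leading "-" would be read as an option ("-w -" means stdout),
    # and -w overwrites an existing file, so both cases are rejected.
    case $outfile in
        ''|-*|*[!A-Za-z0-9_./-]*) echo "invalid output file: $outfile" >&2; return 1 ;;
    esac
    [ ! -e "$outfile" ] || { echo "refusing to overwrite: $outfile" >&2; return 1; }

    set -- sudo tcpdump -i "$iface" -c "$count" -w "$outfile" port "$port"
    if [ "${DRY_RUN:-0}" = 1 ]; then
        echo "$*"      # show the command without capturing anything
    else
        "$@"           # run the capture; stops after COUNT packets
    fi
}

# Constructed sample call: prints the command for port 80 on eth0.
DRY_RUN=1 capture_port eth0 80 100 captured.pcap
```
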