Perhaps one of the most fundamentally important tools for capturing network traffic, tcpdump provides a wealth of functionality. We'll cover the tool itself, some of its common network forensic use cases, and the command line options to support them.
