TcpDump

Usage of tcpdump:

For example monitoring SMTP from a particular host:

# tcpdump -w tcpdump.out -s 0 ip host 84.47.53.128 and tcp port 25

WireShark/Ethereal

Examine the captured file using tshark:

# tshark -r tcpdump.out

Executables within wireshark:

/usr/sbin/capinfos
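What the filter "ip host 84.47.53.128 and tcp port 25" selects, and what a file written with -w contains, shown as an added example (not part of the original page): a small reader for the classic pcap format that applies the same host-and-port test to each record. The function names, the other addresses and the three packets are constructed for illustration, and only untagged Ethernet/IPv4 frames are handled.

```python
import socket
import struct

def build_sample_pcap():
    """Constructed sample capture: classic pcap, Ethernet link type, three packets."""
    def frame(src, dst, sport, dport, payload):
        tcp = struct.pack("!HHIIBBHHH", sport, dport, 0, 0, 5 << 4, 0x18, 8192, 0, 0)
        ip = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 40 + len(payload), 0, 0, 64, 6, 0,
                         socket.inet_aton(src), socket.inet_aton(dst))
        return b"\x00" * 12 + b"\x08\x00" + ip + tcp + payload
    pkts = [frame("84.47.53.128", "192.0.2.10", 40000, 25, b"EHLO example.test\r\n"),
            frame("198.51.100.7", "192.0.2.10", 40001, 25, b"EHLO other.test\r\n"),
            frame("84.47.53.128", "192.0.2.10", 40002, 80, b"GET / HTTP/1.0\r\n")]
    out = struct.pack("<IHHiIII", 0xA1B2C3D4, 2, 4, 0, 0, 65535, 1)  # global header
    for i, p in enumerate(pkts):
        out += struct.pack("<IIII", 1700000000 + i, 0, len(p), len(p)) + p
    return out

def match_filter(pcap, host="84.47.53.128", port=25):
    """Return packets matching 'ip host HOST and tcp port PORT' from pcap bytes."""
    endian = {b"\xd4\xc3\xb2\xa1": "<", b"\xa1\xb2\xc3\xd4": ">"}.get(pcap[:4])
    if endian is None:
        raise ValueError("not a classic (microsecond) pcap file")
    if struct.unpack_from(endian + "I", pcap, 20)[0] != 1:
        raise ValueError("only Ethernet (link type 1) is handled here")
    hits, off = [], 24
    while off + 16 <= len(pcap):
        ts, _, caplen, _ = struct.unpack_from(endian + "IIII", pcap, off)
        pkt = pcap[off + 16:off + 16 + caplen]
        off += 16 + caplen
        if len(pkt) < 34 or pkt[12:14] != b"\x08\x00" or pkt[23] != 6:
            continue  # not IPv4 carrying TCP (VLAN tags are not unwrapped)
        if struct.unpack_from("!H", pkt, 20)[0] & 0x1FFF:
            continue  # later IP fragment: no TCP header to read ports from
        tcp_at = 14 + (pkt[14] & 0x0F) * 4
        if len(pkt) < tcp_at + 20:
            continue  # TCP header cut off by a small snaplen
        src, dst = socket.inet_ntoa(pkt[26:30]), socket.inet_ntoa(pkt[30:34])
        sport, dport = struct.unpack_from("!HH", pkt, tcp_at)
        if host in (src, dst) and port in (sport, dport):
            data_at = tcp_at + (pkt[tcp_at + 12] >> 4) * 4
            hits.append((ts, src, sport, dst, dport, pkt[data_at:]))
    return hits

if __name__ == "__main__":
    for ts, src, sport, dst, dport, data in match_filter(build_sample_pcap()):
        print(ts, f"{src}:{sport} > {dst}:{dport}", data)
```

The SMTP payload is only recoverable because the capture kept whole packets, which is what -s 0 asks for; with a short snaplen the last element of each tuple would be truncated or empty.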