tcpdump - command-line network traffic analyzer

Property Value
Distribution Debian 7 (Wheezy)
Repository Debian Main i386
Package name tcpdump
Package version 4.3.0
Package release 1+deb7u2
Package architecture i386
Package type deb
Installed size 861 B
Download size 388.60 KB
Official Mirror
This program allows you to dump the traffic on a network. tcpdump
is able to examine IPv4, ICMPv4, IPv6, ICMPv6, UDP, TCP, SNMP, AFS
BGP, RIP, PIM, DVMRP, IGMP, SMB, OSPF, NFS and many other packet
It can be used to print out the headers of packets on a network
interface, filter packets that match a certain expression. You can
use this tool to track down network problems, to detect attacks
or to monitor network activities.


Package Version Architecture Repository
tcpdump_4.9.2-1~deb7u1_i386.deb 4.9.2 i386 Debian Security Updates Main
tcpdump_4.9.2-1~deb7u1_amd64.deb 4.9.2 amd64 Debian Security Updates Main
tcpdump_4.3.0-1+deb7u2_amd64.deb 4.3.0 amd64 Debian Main
tcpdump - - -


Name Value
libc6 >= 2.7
libpcap0.8 >= 1.2.1
libssl1.0.0 >= 1.0.0


Type URL
Binary Package tcpdump_4.3.0-1+deb7u2_i386.deb
Source Package tcpdump

Install Howto

  1. Update the package index:
    # sudo apt-get update
  2. Install tcpdump deb package:
    # sudo apt-get install tcpdump




2015-03-16 - Romain Francoise <>
tcpdump (4.3.0-1+deb7u2) wheezy-security; urgency=high
* Cherry-pick changes from upstream Git to fix the following security
+ CVE-2015-0261: missing bounds checks in IPv6 Mobility printer.
+ CVE-2015-2153: missing bounds checks in RPKI/RTR printer.
+ CVE-2015-2154: missing bounds checks in ISOCLNS printer.
+ CVE-2015-2155: missing bounds checks in ForCES printer.
2014-11-29 - Romain Francoise <>
tcpdump (4.3.0-1+deb7u1) wheezy-security; urgency=high
* Add patches extracted from the upstream tcpdump_4.3 branch fixing
three security issues:
+ CVE-2014-8767: missing bounds checks in the OLSR dissector
(closes: #770434).
+ CVE-2014-8769: missing bounds checks in the AODV dissector
(closes: #770424).
+ CVE-2014-9140: missing bounds checks in the PPP dissector
2012-06-13 - Romain Francoise <>
tcpdump (4.3.0-1) unstable; urgency=low
* New upstream release.
* Re-enable test suite.
2012-03-03 - Romain Francoise <>
tcpdump (4.2.1-3) unstable; urgency=low
* Fix CPPFLAGS handling in upstream to avoid losing
hardening flags, patch by Simon Ruderich <>
(closes: #662016).
* Fix some misspellings pointed out by lintian.
* debian/control: Set Standards-Version to 3.9.3.
2012-02-06 - Romain Francoise <>
tcpdump (4.2.1-2) unstable; urgency=low
* Drop debian/patches/50_kfreebsd.diff (closes: #658848).
2012-01-02 - Romain Francoise <>
tcpdump (4.2.1-1) unstable; urgency=low
* New upstream release.
* Upload to unstable.
2011-11-06 - Romain Francoise <>
tcpdump (4.2.0~rc1-2) experimental; urgency=low
* Make sure OpenSSL support gets enabled: since it moved to multiarch
paths, the configure script doesn't find and disables
crypto support. To fix this, simplify detection logic in
and run autoconf before configuring.
* Redo build flags handling:
+ Enable hardening flags via dpkg-buildflags, not hardening-includes.
+ Switch to debhelper compat level 9 to have build flags exported
+ Adjust build-depends accordingly.
* Enable parallel build in debhelper.
2011-08-14 - Romain Francoise <>
tcpdump (4.2.0~rc1-1) experimental; urgency=low
* New upstream beta release (closes: #636806); now switches to the -Z
user before opening the first output file (closes: #434603).
* debian/control: Set Standards-Version to 3.9.2.
2011-04-11 - Romain Francoise <>
tcpdump (4.1.1-2) unstable; urgency=low
* Fix FTBFS on GNU/Hurd; patch from Svante Signell (closes: #622287).
* debian/control: Tweak short and long descriptions, set
Standards-Version to 3.9.1.
2010-04-06 - Romain Francoise <>
tcpdump (4.1.1-1) unstable; urgency=low
* New upstream release (closes: #576001).
* debian/rules: Disable dh_auto_test (for now).
* debian/control: Set Standards-Version to 3.8.4.
* debian/patches/30_uflag_flushopen.diff: New patch: when saving to a
capture file with -U, flush the file immediately after opening it.
Suggested by Ferenc Wagner <> (closes: #533625).
* debian/patches/20_man_fixes.diff: Fix TCP flags description, thanks to
Christophe Rhodes <> (closes: #575724).

See Also

Package Description
tcpflow_0.21.ds1-7_i386.deb TCP flow recorder
tcpick_0.2.1-6_i386.deb TCP stream sniffer and connection tracker
tcpreen_1.4.4-2_i386.deb Simple TCP re-engineering tool
tcpreplay_3.4.3-2+wheezy1_i386.deb Tool to replay saved tcpdump files at arbitrary speeds
tcpser_1.0rc12-1_i386.deb emulate a Hayes compatible modem
tcpslice_1.2a3-4_i386.deb extract pieces of and/or glue together tcpdump files
tcpspy_1.7d-4_i386.deb Incoming and Outgoing TCP/IP connections logger
tcpstat_1.5-7_i386.deb network interface statistics reporting tool
tcptrace_6.6.7-4.1_i386.deb Tool for analyzing tcpdump output
tcptraceroute_1.5beta7+debian-4_i386.deb traceroute implementation using TCP packets
tcptrack_1.4.2-1_i386.deb TCP connection tracker, with states and speeds
tcputils_0.6.2-9_i386.deb Utilities for TCP programming in shell-scripts
tcpwatch-httpproxy_1.3b-3_all.deb TCP monitoring and logging tool with support for HTTP 1.1
tcpxtract_1.0.1-8_i386.deb extracts files from network traffic based on file signatures
tcs_1-11_i386.deb character set translator