Tcpdump | Jan. 17, 2010

Tcpdump does exactly what its name implies: it dumps the contents of
the TCP/IP packets
passing through an interface to an output device, usually the screen
or to a file.
In order for Tcpdump to work, it must be able to put network card into what is
called ___________ mode. This means that the
network card will intercept all traffic on the Ethernet wire, not just
that addressed to it. Each operating system processes
traffic from the Ethernet card in a different fashion. To provide a common
reference for programmers, a library called _________ was
created. On UNIX this is
known as _________ and on Windows as __________. These low-level drivers can modify the way the card would
normally handle traffic. They must be installed before you can install
Tcpdump.If Tcpdump is already on the system, then already there exist
this driver installed. If not we have to install it

Approved.

In order for Tcpdump to work, it must be able to put your network card into what is called promiscuous mode. This means that the network card will intercept all traffic on the Ethernet wire, not just that addressed to it. Each operating system processes traffic from the Ethernet card in a different fashion. To provide a common reference for programmers, a library called pcap was created. On UNIX this is known as libpcap and on Windows as WinPcap. These low-level drivers can modify the way the card would normally handle traffic. They must be installed before you can install Tcpdump.

Wow!
You're Correct!

thanks pankaj.sea