312-50V13 · Question #65
Which of the following is a command line packet analyzer similar to GUI-based Wireshark?
The correct answer is B. tcpdump. tcpdump is a powerful command-line packet analyzer that captures and displays network traffic directly in the terminal, making it the command-line equivalent of the GUI-based Wireshark. Both tools use the same underlying packet capture library (libpcap), and tcpdump output can ev
Question
Options
- Anessus
- Btcpdump
- Cethereal
- Djack the ripper
How the community answered
(50 responses)- A4% (2)
- B94% (47)
- C2% (1)
Explanation
tcpdump is a powerful command-line packet analyzer that captures and displays network traffic directly in the terminal, making it the command-line equivalent of the GUI-based Wireshark. Both tools use the same underlying packet capture library (libpcap), and tcpdump output can even be saved in a format readable by Wireshark.
Why the distractors are wrong:
- Nessus is a vulnerability scanner, not a packet analyzer
- Ethereal was the original name for Wireshark before it was rebranded in 2006 - it's GUI-based, not command-line
- Jack the Ripper (likely referring to John the Ripper) is a password-cracking tool, completely unrelated to packet analysis
Memory Tip: Think of tcpdump as "dumping" raw TCP/IP network traffic straight to your terminal screen - the name itself tells you exactly what it does. If you remember that Wireshark was once called Ethereal, you can immediately eliminate option C since it's still GUI-based, leaving tcpdump as the only true command-line analyzer.
Topics
Community Discussion
No community discussion yet for this question.