0

Trying to start learning tcpdump. However whenever I try to use it rather than giving me a list of adapters when using tcpdump -nS, I get:

tcpdump: WARNING: SIOCGIFADDR: dbus-system: No such device
tcpdump: packet printing is not supported for link type DBUS: use -w

From tcpdump -D:

1. dbus-system
2. dbus-session

From tcpdump -w:

tcpdump version 4.5.1
libpcap version 1.5.1
ss7
  • 2,902
  • 7
  • 41
  • 90

1 Answers1

1

You need to run tcpdump as root. Otherwise, tcpdump -D will not show all of the possible devices.

Then you need to specify the interface you wish to capture on, with -i:

tcpdump -i eth0

If unspecified, tcpdump searches the system interface list for the lowest numbered, configured up interface (excluding loopback).

Jonathon Reinhart
  • 132,704
  • 33
  • 254
  • 328
  • "You need to run tcpdump as root. Otherwise, tcpdump -D will not show all of the possible devices." In particular, it will only show you the devices on which you can capture if you're *not* running as root, which may not include your network devices. If that's the case, you won't be able to capture traffic without running tcpdump as root. –  Apr 25 '14 at 23:55
  • Thanks, now I feel stupid. Forgot it had to run as root – ss7 Apr 26 '14 at 00:30