10. The tcpdump program
Tcpdump is a program that allows root to “sniff” TCP/IP
packets and display the contents in a number of different formats.
This is a useful tool if you want to see exactly what is happening on an
Ethernet segment. The source code and installation information can be found at ftp://ftp.ee.lbl.gov/tcpdump.tar.Z.
The output can be somewhat verbose and you really need to understand what
you’re looking at. To help with that, the book “UNIX Network Programming –
Volume 1, Second Edition” by W. Richard Stevens is an excellent place to