BPFs

 Introduction What are Berkeley Packet Filters? BPF’s are a raw (protocol independent) socket interface to the data link layer that allows filtering of packets in a very granular fashion1. BPFs were first ...

Pcaps and the Tools That Love Them Part 1 of ???

| | bpfs, tcpdump
There are many pcap tools available and which ones you use really depends on what you're using them for. Some are very good at just giving you the raw data, others parse ...