Listen to network traffic using tcpdump

Please note that you have to be the root user to use this command because it puts the network card in promiscuous mode.

# tcpdump -i eth0 -A -s 0 udp port 1514 and host <your host IP address>

The example command above listens on UDP port 1514, which is the port ossec-hids uses for its secure communication between server and agent.

-i Listen on interface.
-A Print each packet (minus its link level header) in ASCII.
-s Snarf snaplen bytes of data from each packet rather than the default of 68 (with SunOS’s NIT, the minimum is actually 96). Setting snaplen to 0 means use the required length to catch whole packets.
udp Listen to UDP traffic.
port The port you want to listen to.
host Your host IP address.
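
Added example (not part of the original note): a shell helper that reads tcpdump's one-line packet headers and reports which agents are actually sending to UDP port 1514, and which expected agents are silent. The function names and the 192.0.2.x sample capture are constructed for illustration; it assumes tcpdump is run with -nn so hosts and ports print numerically.

```shell
#!/bin/sh
# Summarize agent -> server packets on UDP 1514 from tcpdump text output.
# Live use (stops after 200 packets; -nn keeps hosts and ports numeric, so
# 1514 is not shown as a service name taken from /etc/services):
#   tcpdump -l -nn -c 200 -i eth0 -s 0 udp port 1514 | summarize_1514

# Reads tcpdump lines on stdin, prints "SRC_IP PACKETS BYTES" per sender.
summarize_1514() {
    awk '
    # Header lines: TIME IP SRC.SPORT > DST.DPORT: UDP, length N
    # Payload lines printed by -A do not match this shape and are skipped.
    $2 == "IP" && $4 == ">" && $6 == "UDP," && $7 == "length" {
        dst = $5; sub(/:$/, "", dst)
        if (dst !~ /\.1514$/) next          # keep only traffic sent to 1514
        src = $3; sub(/\.[0-9]+$/, "", src) # drop the source port
        pkts[src]++; bytes[src] += $8
    }
    END { for (s in pkts) printf "%s %d %d\n", s, pkts[s], bytes[s] }
    ' | sort
}

# Arguments: expected agent IPs. Stdin: output of summarize_1514.
# Prints each expected agent that sent nothing during the capture.
silent_agents() {
    seen=$(awk '{ print $1 }')
    for ip in "$@"; do
        printf '%s\n' "$seen" | grep -qxF "$ip" || printf '%s\n' "$ip"
    done
}

# Constructed sample capture (documentation addresses, server is 192.0.2.1).
sample_capture() {
    cat <<'EOF'
14:02:11.120001 IP 192.0.2.21.49152 > 192.0.2.1.1514: UDP, length 89
E..u..@.@......
14:02:11.130400 IP 192.0.2.1.1514 > 192.0.2.21.49152: UDP, length 41
14:02:12.500210 IP 192.0.2.22.50011 > 192.0.2.1.1514: UDP, length 73
14:02:21.120950 IP 192.0.2.21.49152 > 192.0.2.1.1514: UDP, length 73
EOF
}

sample_capture | summarize_1514
sample_capture | summarize_1514 | silent_agents 192.0.2.21 192.0.2.22 192.0.2.23
```

Because the agent/server payload is encrypted, the packet counts per source are usually more informative than the -A ASCII dump when checking whether an agent is reaching the server.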