Tcpdump is similar to what Wireshark in which i have explained earlier in my posts. It captures packets that travels through your network into your computer disregarding whether it is from the Internet or your inner network. Tcpdump is a command line utility whereby you would have to set the options before you proceed in capturing packets. This application is very useful especially for network administrators as well as security analyst to analyze threats that are in the system. Personally, i run tcpdump on my Ubuntu laptop. To get tcpdump on your Ubuntu, type “sudo apt-get install tcpdump”. The thing is that tcpdump runs in Linux based machines while it is called WinDump in the Windows operating system. Basically it is up to you to run tcpdump in Linux, WinDump in Windows or Wireshark (Linux/Windows) but the most important thing is how good are you at using it.
Source: http://www.tcpdump.org/
Genesis Database 