There are many alternatives to tcpdump for Linux if you are looking to replace it. The most popular Linux alternative is 
Wireshark, which is both free and Open Source. If that doesn't suit you, our users have ranked 21 alternatives to tcpdump and nine of them are available for Linux so hopefully you can find a suitable replacement. Other interesting Linux alternatives to tcpdump are 
Sysdig (Free, Open Source), 
NetworkMiner (Free, Open Source), 
PacketSled (Freemium) and 
Ethereal (Free, Open Source).
tcpdump is a common packet analyzer that runs under the command line. If you're looking for more info about tcpdump like screenshots, reviews and comments you should visit our info page about it. Below you find the best alternatives.
Wireshark is the world's foremost network protocol analyzer. It lets you capture and interactively browse the traffic running on a computer network. It is the de facto (and often de jure) standard across many industries and educational institutions.
Sysdig is open source, system-level exploration: capture system state and activity from a running Linux instance, then save, filter and analyze. Think of it as strace + tcpdump + lsof + awesome sauce. With a little Lua cherry on top.
NetworkMiner is an open source Network Forensic Analysis Tool (NFAT) for Windows (but also works in Linux / Mac OS X / FreeBSD). NetworkMiner can be used as a passive network sniffer/packet capturing tool in order to detect operating systems, sessions, hostnames, open ports etc. without putting any traffic on the network. NetworkMiner can also parse PCAP files for off-line analysis and to regenerate/reassemble transmitted files and certificates from PCAP files.
PacketSled is next generation network forensics and breach detection. Continuously monitor for advanced threats and policy violations missed by other defenses, then analyze and remediate in record time. PacketSled provides three types of threat detection: IOC signature matching, file extraction and analysis and behavioral analytics.
Ethereal® is used by network professionals around the world for troubleshooting, analysis, software and protocol development, and education. It has all of the standard features you would expect in a protocol analyzer, and several features not seen in any other product. Its open source license allows talented experts in the networking community to add enhancements. It runs on all popular computing platforms, including Unix, Linux, and Windows.
Driftnet is a program which listens to network traffic and picks out images from TCP streams it observes.
tcpflow, a TCP Flow Recorder, is a program that captures data transmitted as part of TCP connections (flows), and stores the data in a way that is convenient for protocol analysis or debugging. A program like 'tcpdump' shows a summary of packets seen on the wire, but usually doesn't store the data that's actually being transmitted. In contrast, tcpflow reconstructs the actual data streams and stores each flow in a separate file for later analysis.
httpry is a tool designed for displaying and logging HTTP traffic. It is not intended to perform analysis itself, but instead to capture, parse and/or log the traffic for later analysis. It can be run in real-time displaying the live traffic on the wire, or as a daemon process that logs to an output file. It is written to be as lightweight and flexible as possible, so that it can be easily adaptable to different applications.
Network TCP Packet Sniffer Justniffer is a network protocol analyzer that captures network traffic and produces logs in a customized way, can emulate Apache web server log files, track response times and extract all "intercepted" files from the HTTP traffic. It lets you interactively trace tcp traffic from a live network or from a previously saved capture file.
