I am trying to get an output using the command
tcpdump -w /tmp/syn.pcap 'tcp[tcpflags] & (tcp-syn) != 0'
But I am getting the error:
tcpdump: no suitable device found
Is there an alternate command to achieve this?
Are you root?
Yes I am root.
Traditionally, you must specify a device. Therefore
tcpdump -i eth0 -w /tmp/syn.pcap 'tcp[tcpflags] & (tcp-syn) != 0'
But that assumes you want it from eth0. Maybe you want it from wlan0. But maybe your system currently has no interfaces that are up. That would explain why you're not seeing any tcp packets and are resorting to tcpdump in the first place.
Also, the output will be to that file so you won't know it's working right away. Try it without -w... until you get some output.
tcpdump: BIOCVERSION: Invalid argument is the output I get