tcpkill command

Tcpkill is a command line tool which comes with dsnif package to kill/terminate the tcp connections on a LAN/WAN/INTERNET from ports or hosts. To install the dsnif packages read my another post regarding the dsnif installation.

Tcpkill Syntax :

  • # tcpkill [-i interface] [-1…9] expression


  • -i interface Specify the interface to listen on.
  • -1…9 Specify the degree of brute force to use in killing a connection. Fast connections may require a higher number in order to land a RST in the moving receive window. Default is 3.

{expression} Specify a tcpdump(8) filter expression to select the connections to kill.

Kill all outgoing SMTP (port 25) connection:

  • # tcpkill -i eth0 port 25


To prevent any connections to the host or an ip use this command:

  • # /usr/sbin/tcpkill −9 host
    # /usr/sbin/tcpkill −9
    # /usr/sbin/tcpkill −9 host and host

To kill all IP packets between and any host except :

  • # tcpkill ip host and not

Killing all packets arriving at or departing from host

  • # tcpkill host
    # tcpkill host

Useful Links :

Killing FIN connections using tcpkill perl script

Dsniff tutorial