If you are trying to packet capture on a remote server as a non root user carry out the following as root:

Add a capture group and add yourself to it:

groupadd pcap
usermod -a -G pcap <strong>nonrootuser</strong>

Next, change the group of tcpdump and set permissions:

chgrp pcap /usr/sbin/tcpdump
chmod 750 /usr/sbin/tcpdump

Finally, use setcap to give tcpdump the necessary permissions:

setcap cap_net_raw,cap_net_admin=eip /usr/sbin/tcpdump

Credit goes to askubuntu.com: http://askubuntu.com/questions/530920/tcpdump-permissions-problem

Written by Matt Cooper
Hi, I'm Matt Cooper. I started this blog to pretty much act as a brain dump area for things I learn from day to day. You can contact me at: matt@linuxtutorial.co.uk.