A few weeks ago I gave a brief talk on using the tcpdump utility for situational awareness on networks. The talk was for a general audience. The tcpdump utility can be used for security monitoring, audit, or just plain IT management. I am putting the slides up for download by anyone who might be interested.
The latest documentation for tcpdump and filters can be found here: