tcpdump
tcpdump helps you sniff and capture packets!
Raw "circular" capture
Do a "circular" capture of raw data in separate files of 200mb each. After the sixth file of 200mb is done getting written, tcpdump will start to overwrite the first file:
sudo tcpdump -w /tmp/capture.cap -C 200 -W 6
Capture only inbound pings
sudo tcpdump -i NETWORKINTERFACENAME icmp and dst host YOUR.LOCAL.IP.ADDRESS
Capture traffic coming in from a single host while excluding ARP and UDP
sudo tcpdump -i eth0 src host 1.2.3.4 and not arp -w capture.pcap -vvv -U
Then to see just the ports that people tried to connect to you on
sudo tcpdump -r 2024-07-16-1741-capture.pcap not udp and not icmp -nn -tttt