▶ 11.5 Network Inspection Tools
This section examines two tools for inspecting a computer network. The first tool, Wireshark, collects network traffic and displays it as a sequence of packets. The second tool is nmap, the “network mapper” utility. Nmap scans a network for host computers and tries to identify the services those computers provide.
Wireshark
Network traffic becomes easier to understand, both for beginners and experts, if we look at the messages firsthand. We use Wireshark to watch hosts exchange packets and to examine individual packets in detail. Wireshark provides a graphical interface organized around a single window, as shown in FIGURE 11.14.
Get Elementary Information Security, 3rd Edition now with the O’Reilly learning platform.
O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.
