3 ANALYZING CAPTURED TRAFFIC

The internet is just a world passing notes around a classroom.

–Jon Stewart

In Chapter 2, you learned how a hacker in a coffee shop could use an ARP spoofing attack to intercept a victim’s internet traffic. Now let’s actually view that traffic. In this chapter, we’ll use two tools, Wireshark and TCPDump, to steal private data from the unencrypted packets we intercepted. I’ll also introduce the concept of a protocol and discuss the general software architecture of the internet. We’ll conclude by analyzing the packets collected by your firewall so that you can detect attacks on your network.

Packets and the Internet Protocol ...

Get Ethical Hacking now with the O’Reilly learning platform.