O'Reilly logo

Instant Traffic Analysis with Tshark How-to by Borja Merino

Stay ahead with the world's most comprehensive technology and business learning platform.

With Safari, you learn the way you learn best. Get unlimited access to videos, live online training, learning paths, books, tutorials, and more.

Start Free Trial

No credit card required

Capturing traffic (Must know)

This recipe will show some of the options available to capture traffic. As we will see, each of the alternatives will depend on the objectives of the analyst and the available network infrastructure.

How to do it...

The methods that follow are described as some of the best alternatives used to capture traffic.

Bridge mode

  1. A good and quick option for this is to install bridge-utils (the bridge utilities package for Linux).
  2. Running aptitude install bridge-utils in our Ubuntu machine will be enough to install this package. To configure both interfaces (in the example eth0 and eth1) we will execute the following command:
    bmerino@Mordor:/$ sudo brctl addbr Tshark_Bridge
    bmerino@Mordor:/$ sudo brctl addif Tshark_Bridge eth0 ...

With Safari, you learn the way you learn best. Get unlimited access to videos, live online training, learning paths, books, interactive tutorials, and more.

Start Free Trial

No credit card required