O'Reilly logo

Instant Traffic Analysis with Tshark How-to by Borja Merino

Stay ahead with the world's most comprehensive technology and business learning platform.

With Safari, you learn the way you learn best. Get unlimited access to videos, live online training, learning paths, books, tutorials, and more.

Start Free Trial

No credit card required

Delimiting network problems (Should know)

This recipe will explain some useful commands that will help us find the root of many problems related to the performance of our network. A fairly typical case is one in which we experience some problems with the bandwidth of our network. If we lack advanced network devices that allow us to configure QoS or Deep Packet Inspection, we can use Tshark to try to find out which hosts are generating more traffic and what type of data they are sending.

How to do it...

  1. The first approach to determine which IPs in our VLAN (192.168.15.0/24) could be misusing the network would be to get the list of IP conversations. This list is sorted according to the total number of frames, so it could give us an idea of the heavy ...

With Safari, you learn the way you learn best. Get unlimited access to videos, live online training, learning paths, books, interactive tutorials, and more.

Start Free Trial

No credit card required