Skip to Main Content
Instant Traffic Analysis with Tshark How-to
book

Instant Traffic Analysis with Tshark How-to

by Borja Merino
April 2013
Intermediate to advanced content levelIntermediate to advanced
68 pages
1h 32m
English
Packt Publishing
Content preview from Instant Traffic Analysis with Tshark How-to

Auditing network applications (Must know)

Tshark can help us greatly to audit applications that make use of sockets. Furthermore, we can use it as a support tool to understand and investigate protocols that lack technical documentation. In this recipe we will see a couple of examples that represent these scenarios.

How to do it...

  1. Suppose that we are auditing a small application that uses sockets to communicate with clients. The application itself only receives a series of commands and replies to them with some information. Let's see how it works:
    bmerino@Mordor:~$ nc 192.168.1.35 8012
    Service BANE-1.0
    IP   
    --> 192.168.1.35
    PORTS
    --> 8012,8080,80,21
    AAAA
    --->Command not found. Type H for help
    H
    --->H,IP,PORTS,TCP,UDP,LISTENING,CONNECTIONS
    
  2. So, when ...
Become an O’Reilly member and get unlimited access to this title plus top books and audiobooks from O’Reilly and nearly 200 top publishers, thousands of courses curated by job role, 150+ live events each month,
and much more.
Start your free trial

You might also like

Next Generation Red Teaming

Next Generation Red Teaming

Henry Dalziel
Wireshark & Ethereal Network Protocol Analyzer Toolkit

Wireshark & Ethereal Network Protocol Analyzer Toolkit

Jay Beale, Angela Orebaugh, Gilbert Ramirez

Publisher Resources

ISBN: 9781782165385Other