If you work as an investigator, I feel sure that when you read the title of this chapter regarding sniffing network traffic, you will think of the potential issues involved that could make it difficult or impossible. If you work within government or law enforcement, you will immediately think of the application of wiretap and intercept legislation—here in the UK, this type of activity requires an intercept warrant, which can be difficult to obtain. If you are a civilian investigator, you may assume that this type of activity is illegal and outside your sphere of expertise.

It is true that most countries have laws against intercepting any type of communications—whether it's voice, radio, or data—and parts of this chapter assume that you have the legal right to acquire data. I will make it clear when I'm talking about a technique that is likely covered by legislation, but it is your responsibility to check the local laws in your country and follow them. This also applies to government and law enforcement officers that will need to consider what approvals are needed.

This brief chapter will teach you how to monitor a specific Bitcoin node, wherever it may be in the world, and will also look at analyzing data packets for Bitcoin traces.

What Is Intercept?

Intercept legislation is usually described as intercepting and storing communications that are destined for a specific destination. Using mobile phone intercept as an example, let's say ...