Chapter 3. Capturing & Analyzing Data Packets
"Unless you capture the moment, it's gone!" | ||
--Samir Datt |
In this chapter, you will learn to get your hands dirty by actually capturing and analyzing network traffic. We will start by understanding the network configuration that is required to capture data packets, including the concept of port mirroring, and then go on to using different software tools to capture and analyze network traffic with real-world scenarios of accessing data over the Internet and the resultant network capture.
The chapter will cover the following topics:
- Tapping into network traffic
- Packet sniffing and analysis using Wireshark
- Packet sniffing and analysis using NetworkMiner
- Case study – sniffing out an insider
Tapping into network ...
Get Learning Network Forensics now with the O’Reilly learning platform.
O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.