Chapter 3. Capturing & Analyzing Data Packets
"Unless you capture the moment, it's gone!"
In this chapter, you will learn to get your hands dirty by actually capturing and analyzing network traffic. We will start by understanding the network configuration that is required to capture data packets, including the concept of port mirroring, and then go on to using different software tools to capture and analyze network traffic with real-world scenarios of accessing data over the Internet and the resultant network capture.
The chapter will cover the following topics:
- Tapping into network traffic
- Packet sniffing and analysis using Wireshark
- Packet sniffing and analysis using NetworkMiner
- Case study – sniffing out an insider