Packet sniffing and analysis using NetworkMiner
NetworkMiner is a passive network sniffing or network forensic tool. It is called a passive tool as it does not send out requests—it sits silently on the network, capturing every packet in the promiscuous mode.
NetworkMiner is host-centric. This means that it will classify data based on hosts rather than packets, which is what most sniffers such as Wireshark do.
The different steps to NetworkMiner usage are as follows:
- Download and install the NetworkMiner.
- Then, configure it.
- Capture the data in NetworkMiner.
- Finally, analyze the data.
NetworkMiner is available for download at SourceForge: http://sourceforge.net/projects/networkminer/.
Though NetworkMiner is not as well known as it should be, it's host-centric ...
Get Learning Network Forensics now with the O’Reilly learning platform.
O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.
