O'Reilly logo

Learning Network Forensics by Samir Datt

Stay ahead with the world's most comprehensive technology and business learning platform.

With Safari, you learn the way you learn best. Get unlimited access to videos, live online training, learning paths, books, tutorials, and more.

Start Free Trial

No credit card required

Packet sniffing and analysis using NetworkMiner

NetworkMiner is a passive network sniffing or network forensic tool. It is called a passive tool as it does not send out requests—it sits silently on the network, capturing every packet in the promiscuous mode.

NetworkMiner is host-centric. This means that it will classify data based on hosts rather than packets, which is what most sniffers such as Wireshark do.

The different steps to NetworkMiner usage are as follows:

  1. Download and install the NetworkMiner.
  2. Then, configure it.
  3. Capture the data in NetworkMiner.
  4. Finally, analyze the data.

NetworkMiner is available for download at SourceForge: http://sourceforge.net/projects/networkminer/.

Though NetworkMiner is not as well known as it should be, it's host-centric ...

With Safari, you learn the way you learn best. Get unlimited access to videos, live online training, learning paths, books, interactive tutorials, and more.

Start Free Trial

No credit card required