November 2019
Intermediate to advanced
346 pages
9h 36m
English
We start this recipe by configuring tshark, the command-line variant of Wireshark. Once tshark is configured, it becomes accessible through pyshark. We import pyshark and specify the duration of the network capture (Step 2). Captured network traffic can be overwhelming in size, so it is important to bound the duration. Next, we give the output capture a name that is unique and easy to understand (Step 3), and then, in Step 4, we capture the traffic. Finally, in Step 6, we use Wireshark's GUI to examine the captured traffic. In able hands, such network traffic facilitates the detection of insecure IoT devices, misconfigurations, anomalous events, hacking attempts, ...