Chapter 7

Using Wireshark and TCPdump to visualize traffic

Abstract

We focus on network traffic visualization using Wireshark and TCPdump. We give practical tips, including the use of built-in analysis tools and of display and capture filters to filter traffic. We show how you can find and identify abnormal flows in the network.

Keywords

Wireshark
network analysis
display filters
capture filters
TCPdump
flow identification

One truth about security testing is that if you cannot see something on your network, you may not be able to defend against it. This is where tools like Wireshark come in handy. In this chapter I will show you tips and tricks for using Wireshark, with the overall aim of giving you another tool for the defense of your network. ...

Get Network Performance and Security now with the O’Reilly learning platform.