

The subject of packet analysis could fill an entire course of its own, and there are many books written just on packet analysis. However, today we will just learn the basics. There are two extremely popular packet analyzers, Wireshark and tcpdump. These tools scan your network interfaces, capture the packet activity, parse the packets and output the information for us to see. They allow us to get into the nitty gritty of network analysis and get into the low-level stuff. We'll be using tcpdump since it has a simpler interface; however, if you were to pick up packet analysis for your toolbelt, I would recommend looking into Wireshark.

tcpdump: verbose output suppressed, use -v or -vv for full protocol decode

You'll notice a lot of stuff happening when you run a packet capture. That's to be expected: there's a lot of network activity happening in the background.
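To make the "parse the packets and output the information" step concrete, here is an added example (not from the original page, and not tcpdump's own code) that decodes one raw Ethernet frame into a one-line summary loosely modeled on tcpdump's default output. The frame is constructed in the code with documentation-range addresses, and the names `build_sample_frame` and `summarize` are hypothetical.

```python
import socket
import struct

def build_sample_frame():
    """Constructed sample (checksums left at 0): Ethernet + IPv4 + TCP SYN."""
    eth = bytes.fromhex("020000000002" "020000000001") + struct.pack("!H", 0x0800)
    tcp = struct.pack("!HHIIBBHHH", 51000, 443, 1000, 0, 5 << 4, 0x02, 64240, 0, 0)
    ip = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 20 + len(tcp), 1, 0, 64, 6, 0,
                     socket.inet_aton("192.0.2.10"),
                     socket.inet_aton("198.51.100.5"))
    return eth + ip + tcp

# Flag bit -> the letter used in the summary line.
TCP_FLAGS = [(0x02, "S"), (0x01, "F"), (0x04, "R"), (0x08, "P"), (0x10, ".")]

def summarize(frame):
    """Decode one Ethernet frame; return a summary or the reason it was skipped."""
    if len(frame) < 14:
        return "truncated ethernet header"
    ethertype = struct.unpack("!H", frame[12:14])[0]
    if ethertype != 0x0800:
        return f"non-IPv4 ethertype 0x{ethertype:04x}"
    ip = frame[14:]
    if len(ip) < 20:
        return "truncated IPv4 header"
    ihl = (ip[0] & 0x0F) * 4  # header length in bytes; options make it > 20
    if ihl < 20 or len(ip) < ihl:
        return "bad IPv4 header length"
    proto = ip[9]
    src, dst = socket.inet_ntoa(ip[12:16]), socket.inet_ntoa(ip[16:20])
    if proto != 6:  # only TCP is decoded further in this sketch
        return f"IP {src} > {dst}: protocol {proto}"
    tcp = ip[ihl:]
    if len(tcp) < 20:
        return "truncated TCP header"
    sport, dport, seq = struct.unpack("!HHI", tcp[:8])
    flags = "".join(ch for bit, ch in TCP_FLAGS if tcp[13] & bit)
    return f"IP {src}.{sport} > {dst}.{dport}: Flags [{flags}], seq {seq}"

if __name__ == "__main__":
    print(summarize(build_sample_frame()))
```
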
