From the course: Data-Driven Network Security Essentials

Collect packet sniffer data

- [Instructor] A majority of packet capture tools use a software library called pcap to sniff network data. There are two well-known tools we can use to capture and analyze packets. The first is Tcpdump, a simple command-line-interface packet sniffer. The second is Wireshark, which is a more advanced version complete with a very sophisticated graphical user interface. Imagine that I'd like to intercept all the secure shell traffic on my Ubuntu operating system. To accomplish this goal, I type the following command: tcpdump -s 0 port ssh. Dash s zero is an option that allows me to capture an entire packet. Port ssh indicates that I'm only interested in packets coming in and going out of my local secure shell server. By pressing Enter, I just executed this command. Now tcpdump is waiting for a secure shell packet to appear. To generate the packets of our interest, I can open another terminal window and sign on to the secure shell server. Type ssh, user name osboxes, and then the IP…
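The lesson above describes what tcpdump does (capture whole packets with -s 0, keep only SSH traffic with port ssh) but not what the resulting capture looks like. The following is an added example, not part of the course or of tcpdump itself: it writes a tiny pcap file from constructed Ethernet/IPv4/TCP frames the way libpcap lays one out, then parses it back, applies the same either-direction meaning of "port ssh" (source port 22 or destination port 22), and checks each record's captured length against its original length to detect the truncation that a small snaplen causes and that -s 0 avoids. All addresses, ports, timestamps and payloads are constructed sample values; the frame builder leaves IP and TCP checksums at zero because the parser never validates them.

```python
"""Write and parse a minimal pcap file to see what `tcpdump -s 0 port ssh` keeps."""
import struct
from dataclasses import dataclass

PCAP_MAGIC = 0xA1B2C3D4   # little-endian pcap magic, microsecond timestamps
LINKTYPE_ETHERNET = 1
SSH_PORT = 22


def _ip_bytes(dotted):
    return bytes(int(o) for o in dotted.split("."))


def build_tcp_frame(src_ip, dst_ip, sport, dport, payload):
    """Constructed Ethernet/IPv4/TCP frame (sample data, zero checksums)."""
    eth = b"\x00\x11\x22\x33\x44\x55" + b"\x66\x77\x88\x99\xaa\xbb" + b"\x08\x00"
    ip = struct.pack("!BBHHHBBH4s4s",
                     0x45, 0, 20 + 20 + len(payload), 0, 0x4000, 64, 6, 0,
                     _ip_bytes(src_ip), _ip_bytes(dst_ip))
    # seq=1, ack=1, data offset 5 words, PSH|ACK, window 65535, csum 0, urg 0
    tcp = struct.pack("!HHIIBBHHH", sport, dport, 1, 1, 0x50, 0x18, 65535, 0, 0)
    return eth + ip + tcp + payload


def write_pcap(frames, snaplen=0):
    """Serialise frames as libpcap does. snaplen=0 mirrors `-s 0` (keep the
    whole packet); any other value truncates each record to that many bytes."""
    out = bytearray(struct.pack("<IHHiIII", PCAP_MAGIC, 2, 4, 0, 0,
                                snaplen or 262144, LINKTYPE_ETHERNET))
    for i, frame in enumerate(frames):
        kept = frame if snaplen == 0 else frame[:snaplen]
        # record header: ts_sec, ts_usec, incl_len (captured), orig_len (on wire)
        out += struct.pack("<IIII", 1700000000 + i, 0, len(kept), len(frame))
        out += kept
    return bytes(out)


@dataclass
class Record:
    src: str
    dst: str
    sport: int
    dport: int
    incl_len: int
    orig_len: int

    @property
    def truncated(self):
        # libpcap records fewer bytes than were on the wire when snaplen is small
        return self.incl_len < self.orig_len


def parse_pcap(data):
    """Return one Record per TCP/IPv4 packet; non-TCP or over-truncated skipped."""
    magic, = struct.unpack_from("<I", data, 0)
    if magic != PCAP_MAGIC:
        raise ValueError("not a little-endian pcap file")
    link, = struct.unpack_from("<I", data, 20)
    if link != LINKTYPE_ETHERNET:
        raise ValueError("only Ethernet link type handled")
    records, off = [], 24
    while off + 16 <= len(data):
        _, _, incl_len, orig_len = struct.unpack_from("<IIII", data, off)
        off += 16
        pkt = data[off:off + incl_len]
        off += incl_len
        # Need Ethernet(14) + IPv4 header + the two TCP port fields to classify.
        if len(pkt) < 34 or pkt[12:14] != b"\x08\x00" or pkt[23] != 6:
            continue
        ihl = (pkt[14] & 0x0F) * 4
        if len(pkt) < 14 + ihl + 4:
            continue
        src = ".".join(str(b) for b in pkt[26:30])
        dst = ".".join(str(b) for b in pkt[30:34])
        sport, dport = struct.unpack_from("!HH", pkt, 14 + ihl)
        records.append(Record(src, dst, sport, dport, incl_len, orig_len))
    return records


def ssh_packets(records):
    """Same semantics as the BPF filter `port ssh`: either endpoint is port 22."""
    return [r for r in records if SSH_PORT in (r.sport, r.dport)]


def capture_report(records):
    return {"total": len(records),
            "ssh": len(ssh_packets(records)),
            "truncated": sum(r.truncated for r in records)}


if __name__ == "__main__":
    frames = [  # constructed: an SSH banner exchange plus one unrelated TLS packet
        build_tcp_frame("10.0.0.5", "10.0.0.10", 51000, 22, b"SSH-2.0-OpenSSH_9.0\r\n"),
        build_tcp_frame("10.0.0.10", "10.0.0.5", 22, 51000, b"SSH-2.0-OpenSSH_9.0\r\n"),
        build_tcp_frame("10.0.0.5", "93.184.216.34", 51001, 443, b"\x16\x03\x01"),
    ]
    print("snaplen 0 :", capture_report(parse_pcap(write_pcap(frames, 0))))
    print("snaplen 68:", capture_report(parse_pcap(write_pcap(frames, 68))))
```

Running it shows the practical reason for -s 0: with a 68-byte snaplen the SSH records are still identifiable by port but their payloads (the version banners here) are cut off, which is exactly the evidence an analyst later wants; with an even smaller snaplen the parser cannot classify the packets at all.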