Learn how to sniff network packets. Jungwoo demonstrates how to use tcpdump to sniff network packets and open a pcap dump file by using Wireshark.
- [Instructor] A majority of packet capture tools use a software library called pcap to sniff network data. There are two well-known tools we can use to capture and analyze packets. The first is Tcpdump, a simple command-line interface packet sniffer. The second is Wireshark, which is a more advanced version complete with a very sophisticated graphical user interface. Imagine that I'd like to intercept all the secure shell traffic on my Ubuntu operating system.
To accomplish this goal, I type the following command: tcpdump -s 0 port ssh. Dash s zero is an option that allows me to capture an entire packet. Port ssh indicates that I'm only interested in packets coming in and going out of my local secure shell server. By pressing Enter, I just executed this command. Now tcpdump is waiting for a secure shell packet to appear.
To generate the packets of our interest, I can open another terminal window and sign on to the secure shell server. Type ssh, user name osboxes, and then the IP address of the secure shell server…
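What the two parts of that command control, as an added example that is not part of the video or the course material: -s sets the snapshot length written into the pcap file header, and port ssh keeps only TCP port 22 traffic. The Python sketch below builds a small capture in memory (addresses, ports and payload sizes are constructed for illustration), then parses it the way a pcap reader does and counts the port-22 packets that were cut short by the snapshot length.

```python
import struct

def frame(sport, dport, payload_len):
    """Constructed Ethernet/IPv4/TCP frame; checksums are left at zero."""
    tcp = struct.pack("!HHIIBBHHH", sport, dport, 1, 0, 5 << 4, 0x18, 1024, 0, 0)
    ip = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 40 + payload_len, 0, 0, 64, 6, 0,
                     bytes([192, 0, 2, 10]), bytes([192, 0, 2, 20]))
    return b"\x00" * 12 + b"\x08\x00" + ip + tcp + b"A" * payload_len

def write_pcap(frames, snaplen):
    """Serialize frames as a classic pcap file, truncating each to snaplen."""
    out = struct.pack("<IHHiIII", 0xA1B2C3D4, 2, 4, 0, 0, snaplen, 1)
    for i, f in enumerate(frames):
        kept = f[:snaplen]
        out += struct.pack("<IIII", i, 0, len(kept), len(f)) + kept
    return out

def summarize(pcap, port=22):
    """Return (snaplen, packets on `port`, of those how many were truncated)."""
    magic, _, _, _, _, snaplen, linktype = struct.unpack_from("<IHHiIII", pcap, 0)
    if magic != 0xA1B2C3D4 or linktype != 1:
        raise ValueError("expected a little-endian Ethernet pcap file")
    off, matched, truncated = 24, 0, 0
    while off + 16 <= len(pcap):
        _, _, incl, orig = struct.unpack_from("<IIII", pcap, off)
        data = pcap[off + 16: off + 16 + incl]
        off += 16 + incl
        # Keep only IPv4 (EtherType 0x0800) carrying TCP (protocol 6).
        if len(data) < 24 or data[12:14] != b"\x08\x00" or data[23] != 6:
            continue
        l4 = 14 + (data[14] & 0x0F) * 4  # start of the TCP header
        if len(data) < l4 + 4:
            continue  # snaplen cut the packet before the port fields
        sport, dport = struct.unpack_from("!HH", data, l4)
        if port in (sport, dport):
            matched += 1
            truncated += incl < orig  # captured bytes < bytes on the wire
    return snaplen, matched, truncated

# Constructed traffic: two SSH packets (254 and 64 bytes) and one HTTP packet.
FRAMES = [frame(50000, 22, 200), frame(22, 50000, 10), frame(50001, 80, 50)]

if __name__ == "__main__":
    # 68 is a small snaplen chosen for contrast; 262144 is what -s 0 selects.
    for snap in (68, 262144):
        print(summarize(write_pcap(FRAMES, snap)))
```

With the small snapshot length the larger SSH packet loses most of its payload, which is why the full-packet setting matters when the capture will be opened later in Wireshark.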
- Identify the goals of network security.
- Distinguish types of firewalls.
- Explain intrusion detection and prevention systems.
- Describe packet capture.
- Collect packet sniffer, IDS, and IPS data.
- Explain how to use machine learning to process network data.
- Use data science to conduct a network forensics investigation.
- Identify data visualization targets and tools.
Skill Level Intermediate
1. Network Security Review
2. Network Data Sources
3. Data Collection
4. Data Analytics
Network forensics (2m 25s)