Wireshark and TShark are popular sniffing tools, but there are others. Here we look at some other tools such as tcpdump, Ettercap, and dsniff for Linux, along with CloudShark, an online analyzer.
- [Narrator] Wireshark and TShark are popular sniffing tools…however, there are others.…Let's take a look.…Linux has a couple commonly available sniffers,…tcpdump ships by default on many Linux distributions.…Ettercap is specifically designed for switched LANs,…and dsniff can sniff a variety of objects on a network.…For Windows you might try network monitor,…this is a network traffic capture tool built-in…and available for Windows.…
And online is Cloudshark, it's an external analyzer…and can analyze captures from your own device.…I'm at CloudShark's homepage and here we can see…that you can analyze and share network capture files.…And I'll scroll down here and here you can see that…it's built-in with some of the devices such as a meraki.…Also you can upload and analyze packet-captures,…and you can share it with those on your team.…I use this periodically when talking about packet-captures…cause it is all online and it is very handy.…
So as you can see Wireshark is the de facto standard,…however, there are other tools for packet analysis.…
Author
Lisa Bock
Updated
1/13/2020Released
9/29/2016Note: The topics in this course will prepare you for key objectives on the Certified Ethical Hacker exam. Find an overview of the certification and the exam handbook at https://www.eccouncil.org/programs/certified-ethical-hacker-ceh/.
- Sniffing network traffic
- Passive vs. active attacks
- Comparing IPv4 to IPv6
- MAC and macof attacks
- Investigating DHCP attacks
- Detecting ARP and DNS spoofing
- Sniffing tools and techniques
Skill Level Beginner
Duration
Views
-
Introduction
-
Welcome1m 5s
-
-
1. Sniffing Overview
-
Sniffing network traffic4m 15s
-
The OSI model4m 10s
-
Passive and active attacks4m 34s
-
Tapping into the data stream3m 19s
-
Comparing IPv4 to IPv64m 35s
-
-
2. MAC Attacks
-
macof attack demo1m 51s
-
Spoofing a MAC address2m 47s
-
-
3. DHCP
-
Investigating DHCP4m 20s
-
Depleting the DHCP pool1m 25s
-
-
4. ARP
-
Address Resolution Protocol2m 48s
-
Ettercap for ARP poison3m 8s
-
Detecting ARP spoofing2m 51s
-
-
5. DNS
-
Domain Name Systems3m 28s
-
Caching and forgery2m 12s
-
Poisoning DNS1m 56s
-
-
6. Sniffing Tools and Techniques
-
Capturing images1m 19s
-
Investigating OmniPeek3m 13s
-
Other sniffing tools1m 9s
-
Defending against sniffing1m 53s
-
-
Conclusion
-
Next steps2m
-
Take notes with your new membership!
Type in the entry box, then click Enter to save your note.
Press on any video thumbnail to jump immediately to the timecode shown.
Notes are saved with you account but can also be exported as plain text, MS Word, PDF, Google Doc, or Evernote.
Share this video
Embed this video
Video: Other sniffing tools