Sniffing network traffic

Packet sniffing is one of the best ways to understand a network. It may look a bit antiquated to have a terminal window streaming text as packets are read by the NIC, but it is the basis of all network analysis. We show several sniffers, which you can use to steal cleartext passwords, map the IP addresses of all the responding machines, and collect NTLM packets with usernames and password hashes.

Basic sniffing with tcpdump

Tcpdump is a simple command-line sniffing tool found on most routers, firewalls, and Linux/UNIX systems. There is also a version that runs on Windows made by microOLAP, which can be found at http://www.microolap.com/products/network/tcpdump/. It's not free but there is a trial version. The nice thing ...

Get Penetration Testing: A Survival Guide now with the O’Reilly learning platform.

O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.

Start your free trial

Penetration Testing: A Survival Guide by Wolf Halton, Bo Weaver, Juned Ahmed Ansari, Srinivasa Rao Kotipalli, Mohammed A. Imran

Sniffing network traffic

Basic sniffing with tcpdump

Don’t leave empty-handed

It’s yours, free.

Check it out now on O’Reilly