O'Reilly logo

Raspberry Pi for Secret Agents by Stefan Sjogelid

Stay ahead with the world's most comprehensive technology and business learning platform.

With Safari, you learn the way you learn best. Get unlimited access to videos, live online training, learning paths, books, tutorials, and more.

Start Free Trial

No credit card required

Analyzing packet dumps with Wireshark

Most sniffers have the capability to produce some kind of logfile, or raw packet dump, containing all the network traffic that it picks up. Unless you're Neo from The Matrix, you're not expected to stare at the monitor and decipher the network packets live as they scroll by. Instead, you'll want to open up your logfile in a good traffic analyzer and start filtering the information so that you can follow the network conversation you're interested in.

Wireshark is an excellent packet analyzer that can open up and dissect packet logs in a standard format called pcap. Kismet already logs to pcap format by default and Ettercap can be told to do so with the -w argument, as in the following command:

pi@raspberrypi ...

With Safari, you learn the way you learn best. Get unlimited access to videos, live online training, learning paths, books, interactive tutorials, and more.

Start Free Trial

No credit card required