Task 9.4: Capturing Packets with the Packet Analyzer: Wireshark

Wireshark is a free, commonly used packet analyzer. Packet analyzers—also called network analyzers, protocol analyzers, or sniffers—monitor the network they are connected to and record the packets (frames, actually) that cross it. Packet analyzers are useful for analyzing traffic patterns, identifying rogue protocols and nodes on the network, and troubleshooting many types of network- or protocol-related problems.


A rogue protocol is a protocol that should not be present on your network. If your network only uses TCP/IP for a transport protocol, there should be no TP4 or IPX/SPX ...
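The rogue-protocol check described above can be run over captured frames. The sketch below is an added example, not code from the book: it classifies raw Ethernet frames and reports any that carry a protocol outside an allowlist. The allowlist, the helper names, and the sample frames are all constructed for illustration. It goes slightly beyond the text by also recognizing IPX and OSI traffic in IEEE 802.3/LLC framing, not only by EtherType.

```python
import struct

# Assumption: a TCP/IP-only network, so only these protocols are expected.
ALLOWED = {"IPv4", "IPv6", "ARP"}
ETHERTYPES = {0x0800: "IPv4", 0x0806: "ARP", 0x86DD: "IPv6", 0x8137: "IPX"}
LLC_SAPS = {0xE0: "IPX", 0xFE: "OSI (CLNP/TP4)"}

def classify(frame: bytes) -> str:
    """Name the protocol carried by one Ethernet frame."""
    if len(frame) < 14:
        return "truncated"
    (type_or_len,) = struct.unpack("!H", frame[12:14])
    if type_or_len >= 0x0600:            # Ethernet II: the field is an EtherType
        return ETHERTYPES.get(type_or_len, f"ethertype 0x{type_or_len:04x}")
    payload = frame[14:]                 # IEEE 802.3: the field is a length
    if payload[:2] == b"\xff\xff":       # Novell "raw" 802.3: IPX with no LLC header
        return "IPX"
    if payload[:2] == b"\xaa\xaa" and len(payload) >= 8:  # SNAP: EtherType after OUI
        (etype,) = struct.unpack("!H", payload[6:8])
        return ETHERTYPES.get(etype, f"ethertype 0x{etype:04x}")
    if not payload:
        return "truncated"
    return LLC_SAPS.get(payload[0], f"llc sap 0x{payload[0]:02x}")  # keyed on DSAP

def find_rogue(frames, allowed=ALLOWED):
    """Return (frame index, source MAC, protocol) for frames outside the allowlist."""
    hits = []
    for i, frame in enumerate(frames):
        proto = classify(frame)
        if proto not in allowed:
            hits.append((i, frame[6:12].hex(":"), proto))
    return hits

def _frame(src: str, type_or_len: int, payload: bytes) -> bytes:
    """Build a constructed broadcast frame for the sample below."""
    return b"\xff" * 6 + bytes.fromhex(src) + struct.pack("!H", type_or_len) + payload

# Constructed sample frames (not from a real capture).
SAMPLE = [
    _frame("020000000001", 0x0800, b"\x45" + b"\x00" * 19),      # IPv4
    _frame("020000000002", 0x8137, b"\xff\xff" + b"\x00" * 28),  # IPX, Ethernet II
    _frame("020000000003", 0x0806, b"\x00" * 28),                # ARP
    _frame("020000000004", 30, b"\xff\xff" + b"\x00" * 28),      # IPX, raw 802.3
    _frame("020000000005", 23, b"\xfe\xfe\x03" + b"\x00" * 20),  # OSI over LLC
]

if __name__ == "__main__":
    for hit in find_rogue(SAMPLE):
        print(hit)
```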

Get Security Administrator Street Smarts: A Real World Guide to CompTIA Security+™ Skills, Third Edition now with the O’Reilly learning platform.
