This chapter laid the foundation of basic networking concepts and gave an introduction to the Wireshark GUI. Wireshark is a protocol analyzer that is used worldwide by IT professionals to capture and analyze network-level packets.
The Wireshark GUI is user-friendly, robust, and platform-independent; even new IT professionals can easily adopt the tool.
One important aspect of protocol analyzing is to place the sniffer at the right place; every organization's infrastructure is different, so we might need to apply different techniques in order to get the right packets to use.
Hubbing out, port mirroring, ARP poisoning, and tapping are some of those useful techniques that can be used to monitor and analyze traffic in different situations. ...