Packet Analysis [part 1]
Packet analysis can help :
- Understanding the network characteristics.
- Known who is on a network.
- Determining who is utilizing available network.
- Identifying possible attacks or malicious activity.
- Finding unsecured applications
How packet analysis work :
- Collection
- In first step , the packet sniffer collects raw binary data from the wire. This done by change the network into promicious mode. In this mode the network card can listen to all traffic on a network segment.
- Conversion
- The captured binary data is converted to readable form.
- Analysis
- And lastly packet sniffer takes the captured data (usually .cap file) , verifies it's protocol based on the information extracted and begins it's analysis of that protocol
To make a packet analysis on a network , you should have a basic of TCP/IP knowledge. I will not explain about TCP/IP on this post (maybe a next time). Also basic about Network Hardware like Hubs , Switched and Router (this is also not be explain).
0 comments :
Post a Comment