Network and System Monitoring Lab
The tcpdump utility is one of the most widely used free and open-source command-line tools for capturing network traffic on a Linux system. A free tool that is integrated into most Linux operating systems will allow the end user to capture traffic with various parameters, like file size. Wireshark is the most widely used packet analysis tool in the world that can be used to analyze TCP dump files. When networks are attacked, there is valuable information sent to the logs about how the attack happened. In this lab, you will see how long analysis is critical to understanding and dissecting an attack.
Overview
The tcpdump utility is one of the most widely used free and open-source command-line tools for capturing network traffic on a Linux system. A free tool that is integrated into most Linux operating systems will allow the end user to capture traffic with various parameters, like file size. Wireshark is the most widely used packet analysis tool in the world that can be used to analyze TCP dump files. When networks are attacked, there is valuable information sent to the logs about how the attack happened. In this lab, you will see how long analysis is critical to understanding and dissecting an attack.
