
Admin

Let's Try

Analyse Packet Capture to Protect Your Network

For a network administrator or someone in a production environment who gets paranoid about whether anybody is snooping on the network, tools such as tcpdump act as a reassurance, as they help to counter such threats. This article discusses the processing and analysis of packets that have been captured by tcpdump or Wireshark.

When it comes to network security, the first thing that people should be taking care of is their own network. This can be achieved by analysing your data and making sure that no one is intruding on your network. The name ‘PCAP’ comes from the two words ‘packet capture’. A PCAP file is the capture format written by Ethernet packet sniffers, which means that this file format is what the tools that analyse network traffic read. In this article, I will start with the basics so that even a newbie can easily analyse the data, using the tools mentioned.

The basics

Anyone who is new to network security needs to have a good grasp of the various network protocols. The basic ones are TCP (Transmission Control Protocol) and IP (Internet Protocol). IP exists in more than one version, and the address format varies with the version. This understanding is necessary because, with the help of the IP address, we can determine the location of someone who is mounting an attack. I would suggest you visit some of the links below, which will be helpful to get an understanding of the basics of networking.

http://en.wikipedia.org/wiki/Network_security
http://cse.hcmut.edu.vn/~minhnguyen/NET/Computer%20Networks%20-%20A%20Tanenbaum%20-%205th%20edition.pdf
http://www.cert.org/historical/tech_tips/home_networks.cfm

The best way to get a strong foundation on the subject would be to Google for information instead of just reading many books. It is better to concentrate on a single book and try out various tools to get a good command over them.

66  |  july 2014  |  OPEN SOURCE For You  |  www.OpenSourceForU.com

Tools

Many tools are available for the analysis of packets, the most basic and most powerful one being tcpdump. It can be installed or updated by using the following command:

sudo apt-get install tcpdump
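To make the PCAP format mentioned earlier concrete, here is an added example (not part of the original article, and not tcpdump's or Wireshark's own code) that reads a libpcap file the way those tools write it: a 24-byte global header followed by 16-byte record headers, each carrying one Ethernet frame. It builds a small capture in memory from constructed frames and addresses (all sample values are made up), validates the header and record lengths so a truncated or corrupt file is rejected rather than misread, and then counts IPv4 source addresses, which is the first check an administrator makes when looking for a host that is generating suspicious traffic. The function names and the sample data are this example's own assumptions.

```python
import struct
from collections import Counter

PCAP_MAGIC = 0xA1B2C3D4   # magic number of a libpcap file, as written by tcpdump -w
LINKTYPE_ETHERNET = 1     # link type for Ethernet frames
ETHERTYPE_IPV4 = b"\x08\x00"


def build_frame(src_ip, dst_ip, proto=6):
    """Construct an Ethernet II + IPv4 frame (constructed sample data, not a real capture)."""
    eth = bytes.fromhex("001122334455") + bytes.fromhex("66778899aabb") + ETHERTYPE_IPV4
    payload = b"\x00" * 20          # placeholder transport header; not inspected here
    total_len = 20 + len(payload)
    ip = struct.pack("!BBHHHBBH4s4s",
                     0x45, 0, total_len, 0, 0, 64, proto, 0,
                     bytes(int(o) for o in src_ip.split(".")),
                     bytes(int(o) for o in dst_ip.split(".")))
    return eth + ip + payload


def build_pcap(frames, snaplen=65535):
    """Serialise frames into libpcap format (little-endian, version 2.4)."""
    header = struct.pack("<IHHiIII", PCAP_MAGIC, 2, 4, 0, 0, snaplen, LINKTYPE_ETHERNET)
    body = b""
    for i, frame in enumerate(frames):
        # record header: ts_sec, ts_usec, captured length, original length
        body += struct.pack("<IIII", 1400000000 + i, 0, len(frame), len(frame)) + frame
    return header + body


def parse_pcap(data):
    """Yield (timestamp, frame) for each record, refusing malformed files."""
    if len(data) < 24:
        raise ValueError("truncated global header")
    magic = struct.unpack("<I", data[:4])[0]
    if magic == 0xA1B2C3D4:
        endian = "<"
    elif magic == 0xD4C3B2A1:          # same bytes written by a big-endian host
        endian = ">"
    else:
        raise ValueError("not a libpcap file")
    _, _, _, _, _, snaplen, linktype = struct.unpack(endian + "IHHiIII", data[:24])
    if linktype != LINKTYPE_ETHERNET:
        raise ValueError("unsupported link type %d" % linktype)
    off = 24
    while off + 16 <= len(data):
        ts_sec, ts_usec, incl_len, _ = struct.unpack(endian + "IIII", data[off:off + 16])
        off += 16
        # a record longer than snaplen or running past end of file means corruption
        if incl_len > snaplen or off + incl_len > len(data):
            raise ValueError("corrupt record header at offset %d" % (off - 16))
        yield ts_sec + ts_usec / 1e6, data[off:off + incl_len]
        off += incl_len
    if off != len(data):
        raise ValueError("trailing bytes after last record")


def ipv4_endpoints(frame):
    """Return (src, dst, protocol) for an Ethernet II frame carrying IPv4, else None."""
    if len(frame) < 34 or frame[12:14] != ETHERTYPE_IPV4:
        return None
    version, ihl = frame[14] >> 4, (frame[14] & 0x0F) * 4
    if version != 4 or ihl < 20:
        return None
    proto = frame[23]
    src = ".".join(str(b) for b in frame[26:30])
    dst = ".".join(str(b) for b in frame[30:34])
    return src, dst, proto


def top_talkers(data):
    """Count frames per IPv4 source address across the whole capture."""
    counts = Counter()
    for _, frame in parse_pcap(data):
        endpoints = ipv4_endpoints(frame)
        if endpoints:
            counts[endpoints[0]] += 1
    return counts


def record_count(data):
    """Number of records in a capture, or None if the file is malformed."""
    try:
        return sum(1 for _ in parse_pcap(data))
    except ValueError:
        return None


# constructed capture: three TCP frames from 10.0.0.5 and one UDP frame from 10.0.0.7
SAMPLE_PCAP = build_pcap(
    [build_frame("10.0.0.5", "10.0.0.1")] * 3
    + [build_frame("10.0.0.7", "10.0.0.1", proto=17)]
)

if __name__ == "__main__":
    for ip, n in top_talkers(SAMPLE_PCAP).most_common():
        print(ip, n)
```

Reading a real file is a matter of replacing SAMPLE_PCAP with the bytes of a capture written by tcpdump -w; the length checks in parse_pcap are what keep a deliberately malformed file from being treated as valid traffic.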
