Capturing and Analyzing Network Traffic Using a Sniffer

CEH Exam Domains:
Domain 2: Analysis/Assessments
Domain 4: Tools/Systems/Programs

CEH Objective Mapping:
Objective 2.1 Information Security Assessment and Analysis
Objective 4.3 Information Security Tools

Overview

In this lab, you will capture and analyze traffic using a sniffer. The sniffer used in this lab is Wireshark. A sniffer is a passive tool that only listens to and records traffic on a network; it does not send anything itself. On a network with a hub, all traffic is sent to all machines, so a sniffer on any port sees everything. On a switched network, frames are delivered only to the port of the destination machine, so in order to see all of the traffic sent to all machines, a SPAN (port mirroring) port will need to be configured on the switch.

Outcomes:

In this lab, you will learn to:

  1. Configure the network interface to allow a sniffer to capture packets.
  2. Generate and capture traffic on the network.
  3. Analyze captured traffic in Wireshark.

Key terms and descriptions

root
User name or account which has access to all commands along with read and write privileges to all files on a Linux or other Unix-like operating system.
TELNET
A protocol in which data, including user names and passwords, is transmitted between two machines in clear text. The use of TELNET, which uses TCP port 23, should be avoided on networks because it is not secure.
Wireshark
A free and open-source protocol analyzer which will allow a user to capture network traffic or to analyze a capture file.
POP
Post Office Protocol is an application layer Internet protocol used by local e-mail clients to retrieve e-mail from a remote server over a TCP/IP connection.
TCP
Transmission Control Protocol is a network protocol designed to send and ensure end-to-end delivery of data packets over the Internet.
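The analysis step of this lab (outcome 3) and the key terms above both come down to the same question: which traffic in a capture belongs to clear-text protocols such as TELNET and POP? The following Python script is an added example, not part of the lab handout and not Wireshark code. It builds a small constructed pcap in memory (Ethernet/IPv4/TCP frames with made-up 10.0.0.x addresses and a placeholder user name), parses it with nothing but the standard library, and flags every TCP segment sent to a clear-text protocol port. The port table goes slightly beyond the page: Telnet (23) and POP3 (110) are the lab's terms, while FTP (21) and HTTP (80) are added as further common clear-text examples. It assumes a little-endian libpcap file with Ethernet link type, which is what Wireshark's "File > Save As > pcap" produces by default.

```python
import struct
import socket

# TCP destination ports whose application data travels in clear text.
# 23 and 110 are the protocols named in this lab's key terms; 21 and 80
# are added here as further common examples (assumption, not from the lab).
CLEARTEXT_PORTS = {23: "TELNET", 110: "POP3", 21: "FTP", 80: "HTTP"}

PCAP_MAGIC = 0xA1B2C3D4     # little-endian libpcap, microsecond timestamps
LINKTYPE_ETHERNET = 1
ETHERTYPE_IPV4 = 0x0800
IPPROTO_TCP = 6


def build_frame(src_ip, dst_ip, sport, dport, payload):
    """Build a minimal Ethernet/IPv4/TCP frame. Constructed test data only:
    MAC addresses are arbitrary and the IP/TCP checksums are left at zero."""
    eth = (b"\x00\x11\x22\x33\x44\x55" + b"\x66\x77\x88\x99\xaa\xbb"
           + struct.pack("!H", ETHERTYPE_IPV4))
    # seq=1, ack=1, data offset 5 words, flags PSH|ACK, window 65535
    tcp = struct.pack("!HHIIBBHHH", sport, dport, 1, 1, 5 << 4, 0x18, 65535, 0, 0) + payload
    ip = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 20 + len(tcp), 1, 0, 64, IPPROTO_TCP, 0,
                     socket.inet_aton(src_ip), socket.inet_aton(dst_ip))
    return eth + ip + tcp


def build_pcap(frames):
    """Wrap frames in a libpcap file: 24-byte global header, then one
    16-byte record header (ts_sec, ts_usec, incl_len, orig_len) per frame."""
    out = struct.pack("<IHHiIII", PCAP_MAGIC, 2, 4, 0, 0, 65535, LINKTYPE_ETHERNET)
    for i, frame in enumerate(frames):
        out += struct.pack("<IIII", 1700000000 + i, 0, len(frame), len(frame)) + frame
    return out


def parse_pcap(data):
    """Walk a little-endian Ethernet pcap and yield one dict per TCP segment.
    Non-IPv4 frames and non-TCP packets are skipped."""
    magic, _, _, _, _, _, linktype = struct.unpack_from("<IHHiIII", data, 0)
    if magic != PCAP_MAGIC or linktype != LINKTYPE_ETHERNET:
        raise ValueError("only little-endian Ethernet pcap files are handled here")
    off = 24
    while off + 16 <= len(data):
        ts_sec, _, incl_len, _ = struct.unpack_from("<IIII", data, off)
        off += 16
        frame = data[off:off + incl_len]
        off += incl_len
        if len(frame) < 34 or struct.unpack_from("!H", frame, 12)[0] != ETHERTYPE_IPV4:
            continue
        ip = frame[14:]
        ihl = (ip[0] & 0x0F) * 4                  # IPv4 header length in bytes
        if ip[9] != IPPROTO_TCP or len(ip) < ihl + 20:
            continue
        tcp = ip[ihl:]
        sport, dport = struct.unpack_from("!HH", tcp, 0)
        data_off = (tcp[12] >> 4) * 4             # TCP header length in bytes
        yield {
            "time": ts_sec,
            "src": socket.inet_ntoa(ip[12:16]),
            "dst": socket.inet_ntoa(ip[16:20]),
            "sport": sport,
            "dport": dport,
            "payload": tcp[data_off:],
        }


def find_cleartext(data):
    """Return (protocol, src, dst, text) for every TCP segment that carries
    application data to a clear-text protocol port; this is what an analyst
    would look for to find where Telnet or POP is still in use."""
    findings = []
    for seg in parse_pcap(data):
        proto = CLEARTEXT_PORTS.get(seg["dport"])
        if proto and seg["payload"]:
            findings.append((proto, seg["src"], seg["dst"],
                             seg["payload"].decode("ascii", "replace")))
    return findings


# Constructed capture: one Telnet login line, one POP3 USER command, and one
# segment to port 443 that the scan must ignore. Addresses and names are made up.
SAMPLE_PCAP = build_pcap([
    build_frame("10.0.0.5", "10.0.0.10", 40000, 23, b"labuser\r\n"),
    build_frame("10.0.0.5", "10.0.0.20", 40001, 110, b"USER labuser\r\n"),
    build_frame("10.0.0.5", "10.0.0.30", 40002, 443, b"\x16\x03\x01"),
])

if __name__ == "__main__":
    for proto, src, dst, text in find_cleartext(SAMPLE_PCAP):
        print(f"{proto:6} {src} -> {dst}: {text.strip()!r}")
```

To run the same check against a real lab capture, replace `SAMPLE_PCAP` with the bytes of a file saved from Wireshark in pcap format (the newer pcapng format has a different container layout and is not handled here). The same port match can be expressed in Wireshark directly with the display filter `tcp.port == 23 || tcp.port == 110`, which is the quickest way to confirm the script's findings in the GUI.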