

According to the official website, “Aircrack-ng is a complete suite of tools to assess WiFi network security. It focuses on different areas of WiFi security such as monitoring, attacking, testing and cracking.” All tools that are part of the aircrack-ng suite can be run from the command line. This helps users and developers script around them and build their own tooling on top of them. The Aircrack-ng suite of tools is primarily used by security professionals during security assessments. However, the same tools and techniques can also be used to investigate wireless networks. For instance, if we want to identify the rogue access points available within range, we can use airmon-ng to identify details such as the SSID, the MAC address and the channel each access point is running on.

Wireshark is an open-source tool for capturing and analyzing traffic, with support for applying filters through its graphical user interface. On the system where Wireshark is running, one can choose the interface on which traffic needs to be captured. The filters available in Wireshark make it easy to perform both troubleshooting and investigations. Wireshark is more of a traffic capturing and analysis tool than an offensive network security tool, and it can greatly help during network forensic investigations.

Tcpdump is a popular command line tool for capturing and analyzing network traffic, primarily on Unix-based systems. Using tcpdump, we can capture the traffic and store the results in a file that is compatible with tools like Wireshark for further analysis. Tcpdump can either be used to do a quick packet capture for troubleshooting or to capture traffic continuously in large volumes for future analysis. The latter may cause disk space problems, as the size of the resulting capture file grows with the volume of network traffic. It is worth noting that tcpdump can capture both layer 2 and layer 3 data.
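The rogue access point check described above, as an added example that is not part of the original text or of the aircrack-ng project: it takes the SSID, BSSID (MAC address), channel and signal strength that a wireless scan reports, compares them with an inventory of authorised access points, and flags the cases a defender cares about (an unknown BSSID advertising the corporate SSID, a known AP on the wrong channel or SSID, a strong unknown AP that is probably inside the building). The inventory, the SSIDs, the MAC addresses and the -60 dBm "on premises" threshold are all constructed assumptions for the example.

```python
"""Constructed example: classify scanned access points against an inventory.
Every MAC address, SSID, channel and signal value below is made up."""
from dataclasses import dataclass
from typing import Dict, List, Set


@dataclass(frozen=True)
class ObservedAP:
    bssid: str        # AP MAC address as reported by the scan
    ssid: str
    channel: int
    signal_dbm: int   # received signal strength; closer to 0 means nearer


@dataclass
class Finding:
    bssid: str
    reason: str


# Assumed threshold: anything this strong is very likely inside the premises.
ON_PREMISES_DBM = -60


def normalise_mac(mac: str) -> str:
    """Scans and inventories disagree on case and separators; compare one form."""
    return mac.strip().lower().replace("-", ":")


def classify_access_points(observed: List[ObservedAP],
                           authorised: Dict[str, dict],
                           corporate_ssids: Set[str]) -> List[Finding]:
    """Return one Finding per observed AP that deviates from the inventory."""
    inventory = {normalise_mac(k): v for k, v in authorised.items()}
    findings: List[Finding] = []
    for ap in observed:
        bssid = normalise_mac(ap.bssid)
        if bssid in inventory:
            expected = inventory[bssid]
            if ap.ssid != expected["ssid"]:
                findings.append(Finding(bssid, f"known AP advertising unexpected SSID {ap.ssid!r}"))
            elif ap.channel != expected["channel"]:
                findings.append(Finding(bssid, f"known AP on channel {ap.channel}, "
                                               f"inventory says {expected['channel']}"))
        elif ap.ssid in corporate_ssids:
            # Unknown hardware using our SSID: the classic evil-twin pattern.
            findings.append(Finding(bssid, f"unknown BSSID broadcasting corporate SSID "
                                           f"{ap.ssid!r} (possible evil twin)"))
        elif ap.signal_dbm >= ON_PREMISES_DBM:
            findings.append(Finding(bssid, f"strong unknown AP {ap.ssid!r} at "
                                           f"{ap.signal_dbm} dBm, likely on premises"))
        # Weak, unknown APs with foreign SSIDs are neighbours and are not reported.
    return findings


def sample_findings() -> List[Finding]:
    """Run the classifier over a constructed scan result and inventory."""
    authorised = {
        "AA:BB:CC:00:00:01": {"ssid": "CorpNet", "channel": 6},
        "AA:BB:CC:00:00:02": {"ssid": "CorpNet", "channel": 11},
    }
    observed = [
        ObservedAP("aa:bb:cc:00:00:01", "CorpNet", 6, -45),      # matches inventory
        ObservedAP("AA-BB-CC-00-00-02", "CorpNet", 1, -50),      # wrong channel
        ObservedAP("de:ad:be:ef:00:01", "CorpNet", 6, -40),      # evil twin
        ObservedAP("00:11:22:33:44:55", "CoffeeShop", 1, -80),   # weak neighbour
        ObservedAP("00:11:22:33:44:66", "HomeRouter", 36, -55),  # strong unknown
    ]
    return classify_access_points(observed, authorised, {"CorpNet"})


if __name__ == "__main__":
    for finding in sample_findings():
        print(finding.bssid, "-", finding.reason)
```

The classifier keys on the BSSID rather than the SSID because the SSID is whatever the access point chooses to advertise; only the inventory of known radios tells you which BSSIDs are yours.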

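To make concrete what tcpdump writes with -w and what Wireshark reads back, here is an added example (not code from the original text, tcpdump or Wireshark) that produces a classic libpcap file from two constructed Ethernet/IPv4 frames, parses it again, and pulls out the layer 2 fields (source and destination MAC, EtherType) and layer 3 fields (source and destination IP) the text refers to. It also shows a frame truncated by a snap length and a small helper that estimates how much disk a long-running capture will occupy. All addresses, timestamps and sizes are made-up sample values; the byte layouts are the standard pcap, Ethernet II and IPv4 header formats.

```python
"""Constructed example: write and read a libpcap file (the format of `tcpdump -w`)
and decode the Ethernet (layer 2) and IPv4 (layer 3) headers in each record."""
import socket
import struct
from dataclasses import dataclass
from typing import List, Optional

PCAP_MAGIC = 0xA1B2C3D4   # classic libpcap magic number, microsecond timestamps
LINKTYPE_ETHERNET = 1     # DLT_EN10MB: every record starts with an Ethernet header
GLOBAL_HDR_LEN = 24       # size of the file header in bytes
RECORD_HDR_LEN = 16       # size of each per-packet header in bytes


def pcap_global_header(snaplen: int = 65535) -> bytes:
    """File header: magic, version 2.4, timezone, timestamp accuracy, snaplen, link type."""
    return struct.pack("<IHHiIII", PCAP_MAGIC, 2, 4, 0, 0, snaplen, LINKTYPE_ETHERNET)


def pcap_record(ts_sec: int, ts_usec: int, frame: bytes, snaplen: int = 65535) -> bytes:
    """Per-packet header plus the frame, cut at snaplen the way `tcpdump -s` does."""
    captured = frame[:snaplen]
    return struct.pack("<IIII", ts_sec, ts_usec, len(captured), len(frame)) + captured


def build_ipv4_frame(src_mac: str, dst_mac: str, src_ip: str, dst_ip: str,
                     payload: bytes = b"", proto: int = 17) -> bytes:
    """Ethernet II header followed by a minimal IPv4 header (no options, checksum 0)."""
    eth = (bytes.fromhex(dst_mac.replace(":", ""))
           + bytes.fromhex(src_mac.replace(":", ""))
           + b"\x08\x00")                                   # EtherType 0x0800 = IPv4
    ip = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 20 + len(payload), 0, 0, 64, proto, 0,
                     socket.inet_aton(src_ip), socket.inet_aton(dst_ip))
    return eth + ip + payload


@dataclass
class CapturedPacket:
    timestamp: float
    src_mac: str            # layer 2
    dst_mac: str
    ethertype: int
    src_ip: Optional[str]   # layer 3; None if not IPv4 or header was cut off
    dst_ip: Optional[str]
    orig_len: int           # length on the wire
    truncated: bool         # True when fewer bytes were stored than orig_len


def _mac(raw: bytes) -> str:
    return ":".join(f"{b:02x}" for b in raw)


def decode_frame(frame: bytes, ts: float, orig_len: int) -> CapturedPacket:
    if len(frame) < 14:
        raise ValueError("frame shorter than an Ethernet header")
    ethertype = struct.unpack("!H", frame[12:14])[0]
    src_ip = dst_ip = None
    if ethertype == 0x0800 and len(frame) >= 34:      # full fixed IPv4 header present
        src_ip = socket.inet_ntoa(frame[26:30])
        dst_ip = socket.inet_ntoa(frame[30:34])
    return CapturedPacket(ts, _mac(frame[6:12]), _mac(frame[0:6]), ethertype,
                          src_ip, dst_ip, orig_len, len(frame) < orig_len)


def read_pcap(data: bytes) -> List[CapturedPacket]:
    """Parse a classic pcap byte string written in either byte order."""
    if data[:4] == b"\xd4\xc3\xb2\xa1":
        end = "<"
    elif data[:4] == b"\xa1\xb2\xc3\xd4":
        end = ">"
    else:
        raise ValueError("not a classic pcap file (pcapng/nanosecond variants not handled)")
    linktype = struct.unpack(end + "IHHiIII", data[:GLOBAL_HDR_LEN])[6]
    if linktype != LINKTYPE_ETHERNET:
        raise ValueError(f"unsupported link type {linktype}")
    packets, off = [], GLOBAL_HDR_LEN
    while off + RECORD_HDR_LEN <= len(data):
        ts_sec, ts_usec, incl_len, orig_len = struct.unpack(
            end + "IIII", data[off:off + RECORD_HDR_LEN])
        off += RECORD_HDR_LEN
        frame = data[off:off + incl_len]
        off += incl_len
        packets.append(decode_frame(frame, ts_sec + ts_usec / 1e6, orig_len))
    return packets


def capture_file_size(num_packets: int, avg_frame_len: int) -> int:
    """Bytes a full-snaplen capture of num_packets frames occupies on disk."""
    return GLOBAL_HDR_LEN + num_packets * (RECORD_HDR_LEN + avg_frame_len)


def sample_capture() -> bytes:
    """Two constructed UDP frames, the second one stored with a 64-byte snaplen."""
    f1 = build_ipv4_frame("02:00:00:00:00:01", "02:00:00:00:00:02",
                          "192.0.2.10", "192.0.2.53", b"\x00" * 40)
    f2 = build_ipv4_frame("02:00:00:00:00:02", "02:00:00:00:00:01",
                          "192.0.2.53", "192.0.2.10", b"\x00" * 120)
    return (pcap_global_header() + pcap_record(1700000000, 0, f1)
            + pcap_record(1700000000, 250000, f2, snaplen=64))


if __name__ == "__main__":
    for packet in read_pcap(sample_capture()):
        print(packet)
    print("1M packets of 800 bytes take", capture_file_size(1_000_000, 800), "bytes")
```

The size helper makes the disk space caveat tangible: every stored frame costs its own length plus a 16-byte record header, so a continuous capture at a busy interface should be written with a snap length and rotated into fixed-size files rather than into one growing file.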