Wireshark/Conversation Analysis: Difference between revisions
From charlesreid1
| Line 7: | Line 7: | ||
Wireshark can be used to capture and analyze traffic itself, or you can create a pcap file using a utility like tcpdump (see the [[Tcpdump]] page) to create a .pcap file and load it into Wireshark. | Wireshark can be used to capture and analyze traffic itself, or you can create a pcap file using a utility like tcpdump (see the [[Tcpdump]] page) to create a .pcap file and load it into Wireshark. | ||
[[WiresharkTrafficConversations.png|500px]] | [[Image:WiresharkTrafficConversations.png|500px]] | ||
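Review bot: on the changed image line, the left-hand `[[WiresharkTrafficConversations.png|500px]]` has no namespace prefix, so MediaWiki reads it as a link to an article of that name labelled "500px". The added `Image:` prefix is what makes the screenshot embed. Consider `File:` instead, since current MediaWiki keeps `Image:` only as an alias of the File namespace, and consider adding a caption or alt text after `500px`.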
Revision as of 04:49, 18 January 2016
Analyzing Traffic
Conversations
One of the most interesting ways to analyze network traffic is to look at it in terms of conversations. This bins traffic by source and destination, giving a fine-grained picture of which stations were responsible for the most traffic, which routers were the busiest, and which routers had the most clients.
Wireshark can capture and analyze traffic itself, or you can create a .pcap file with a utility like tcpdump (see the Tcpdump page) and load it into Wireshark.
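The binning described above can be reproduced outside Wireshark. The following is an added example, not part of the original page: it parses a classic .pcap file with Ethernet framing and groups IPv4 packets into direction-independent conversations, then counts peers per host. The function names and the sample capture are constructed for illustration.

```python
import struct
from collections import defaultdict

def build_sample_pcap():
    """Constructed capture: classic pcap, Ethernet link type, four IPv4 packets."""
    def pkt(src, dst, payload_len):
        eth = bytes(12) + b"\x08\x00"  # zeroed MACs, EtherType IPv4
        ip = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 20 + payload_len, 0, 0,
                         64, 17, 0, bytes(src), bytes(dst))
        frame = eth + ip + bytes(payload_len)
        return struct.pack("<IIII", 0, 0, len(frame), len(frame)) + frame
    header = struct.pack("<IHHiIII", 0xA1B2C3D4, 2, 4, 0, 0, 65535, 1)
    a, b, c = (10, 0, 0, 2), (10, 0, 0, 1), (10, 0, 0, 3)
    return header + pkt(a, b, 100) + pkt(b, a, 400) + pkt(c, b, 50) + pkt(a, b, 100)

def conversations(pcap):
    """Return [((host_a, host_b), packets, bytes)], busiest pair first."""
    if pcap[:4] == b"\xd4\xc3\xb2\xa1":
        endian = "<"
    elif pcap[:4] == b"\xa1\xb2\xc3\xd4":
        endian = ">"
    else:
        raise ValueError("not a classic microsecond pcap file")
    if struct.unpack(endian + "I", pcap[20:24])[0] != 1:
        raise ValueError("only Ethernet (link type 1) is handled")
    stats = defaultdict(lambda: [0, 0])
    off = 24  # skip the 24-byte global header
    while off + 16 <= len(pcap):
        _, _, incl, orig = struct.unpack(endian + "IIII", pcap[off:off + 16])
        frame = pcap[off + 16:off + 16 + incl]
        off += 16 + incl
        if len(frame) < 34 or frame[12:14] != b"\x08\x00":
            continue  # truncated frame or not IPv4
        src = ".".join(map(str, frame[26:30]))
        dst = ".".join(map(str, frame[30:34]))
        key = tuple(sorted((src, dst)))  # A->B and B->A share one bin
        stats[key][0] += 1
        stats[key][1] += orig  # on-the-wire length, not the captured length
    return sorted(((k, p, b) for k, (p, b) in stats.items()), key=lambda r: -r[2])

def peer_counts(convs):
    """Number of distinct peers per host (the 'most clients' view)."""
    peers = defaultdict(set)
    for (a, b), _, _ in convs:
        peers[a].add(b)
        peers[b].add(a)
    return {host: len(p) for host, p in peers.items()}

if __name__ == "__main__":
    for pair, packets, nbytes in conversations(build_sample_pcap()):
        print(pair, packets, nbytes)
```

To run it on a real capture, pass the bytes of a tcpdump-written file to `conversations()`; pcapng files and non-Ethernet link types are rejected or skipped rather than parsed.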