Monitoring how much bandwidth is used is a fundamental task when checking the status of your servers, or just your desktop, so I always test new tools to see if I find something good. This is the third article of this series, and in this one I’ll take a look at Bmon, speedometer and Nload.
This is an article of mine, first published on Wazi.
Some find the fine art of capturing and interpreting the packets that run through your network to be as arcane as reading The Matrix, but you don’t need to be the new Neo to be able to parse the network flux. A powerful ally can help you in this mission: Wireshark, a software tool for analyzing your network traffic.
Wireshark is several tools in one application. You can use it to analyze the structure of your wireless network in search of potential configuration errors. It can identify many types of encapsulation and isolate and display all the fields that make up a network packet. It also works as a packet sniffer, similar to tcpdump.
With all of those powerful capabilities, you might think Wireshark would be hard to learn. In some respects it is, but you can easily learn how to use some of the filters that come with the software and let you zero in on specific clients and kinds of traffic. In this article I’ll show you several ways to use Wireshark to focus your searches.
I recently saw a presentation by Stefano Fratepietro, project leader of DEFT Linux, a live CD dedicated to the world of computer forensics. Among the many interesting things shown in this presentation (expect a test drive of DEFT Linux) there was also a small presentation of Xplico, a tool used to analyze a captured network session.
So what’s Xplico?
From the forensic wiki:
The Xplico is a Network Forensic Analysis Tool (NFAT). The main scope of Xplico is to extract all application data content from a network capture (pcap file or real-time acquisition). For example, Xplico is able to extract all e-mails carried by the POP and SMTP protocols, and all content carried by HTTP protocol from a pcap file.
Xplico is released under the GNU General Public License.
