Wireshark/Conversation Analysis

From charlesreid1

Revision as of 04:41, 18 January 2016 by Admin (talk | contribs) (Created page with "=Analyzing Traffic= ==Conversations== One of the most interesting ways to analyze network traffic is by looking at it from a conversations standpoint. This bins traffic by s...")
(diff) ← Older revision | Latest revision (diff) | Newer revision → (diff)

Analyzing Traffic

Conversations

One of the most interesting ways to analyze network traffic is by looking at it from a conversations standpoint. This bins traffic by source and destination, giving a fine-grained picture of which stations were responsible for the most traffic, which routers were the busiest, and which routers had the most clients.

Wireshark can be used to capture and analyze traffic itself, or you can create a pcap file using a utility like tcpdump (see the Tcpdump page) to create a .pcap file and load it into Wireshark.

Retrieved from "https://charlesreid1.com/w/index.php?title=Wireshark/Conversation_Analysis&oldid=8909"