214 Chapter 9 ■ Sniffers
Wireshark
As of this writing, Wireshark reigns supreme as perhaps the best sniffer on the market.
Wireshark has been around for quite some time, and it has proven its worth time and time
again. Wireshark is natively available on both Windows and Linux.
Other sniffers include tcpdump, Kismet, and Ettercap, among others. A great resource
for sniffers and many other security tools is http://www.sectools.org. All sniffers have their place
in the sniffing universe, but for our purposes we will be focusing on Wireshark. First, let’s do
a quick run-through of Wireshark basics in Exercise 9.1.
You do not necessarily need to know how to run Wireshark, but you will be
expected to be able to understand how a sniffer works and be able to dissect
and understand captured packets. Wireshark is a de facto industry standard,
so being comfortable with it will aid you in the exam and the real world.
EXERCISE 9.1
Sniffing with Wireshark
- Make sure Wireshark is running on your BackTrack r3 client, as shown here.