Sniffing the Network
In this chapter, we focus on the tools and methods used to monitor network traffic. The objective is to help the reader gain an understanding of Nmap, Wireshark, and the importance of monitoring a network for potential attacks. We will cover the most common Nmap commands, with screenshots that demonstrate how to use the syntax.

We will mostly focus on two main network monitoring tools. We discuss Nmap first because it is a command-line-based tool; it also has a GUI-based version, known as Zenmap. There are advantages to developing your skill with command-line-based tools: they help you gain a better understanding of how the tools function and give you more flexibility, dependability, and control. GUI-based monitoring tools such as Wireshark also have advantages, which we will discuss in this chapter.

Wireshark is a GUI-based network analysis and monitoring tool, and one of the best network sniffers available to the public. It has many packet filter options to choose from, and this chapter will explain how these filter commands work. Screenshots of Wireshark are also provided so that the reader can see what its interface looks like.

After reading this chapter, the reader will have a solid understanding of Nmap commands and of the basics of operating Wireshark. A person who can use these tools effectively will be highly sought after in the network security field.