Network Protocol Analyzers

Overview. In this tutorial, you will first learn how to use tcpdump and ethereal, two well-known network protocol analyzers. These tools capture and display the traffic that a network interface card can pick up. Only traffic transmitted by systems connected to the same Ethernet hub is captured. The goal of this tutorial is to learn the basic features of these tools in order to capture and analyze network traffic. This tutorial is used in Network Security TELECOM 2821.

Required Equipment. Two Linux machines, which can be found in the SIS labs. You can use Linux PC: Millennia (IP or PC1 and Linux PC: Pigeon (IP or PC2. Because both tcpdump and ethereal must be run as root or by a permitted user, you will use the sudo command, which allows a permitted user to execute them.

Login Instructions. To access both machines or execute the programs, use the following username and password.

  • Username: tel2821
  • Password: sniffer