Infiltrator Posted October 9, 2010

Hi, I would like to know whether, when using Wireshark for analysing network traffic, anyone uses any third-party utility to make their job easier when reviewing the traffic results. Or do you create custom filters within Wireshark to filter out particular traffic? Thank you. Regards, Infiltrator

Sitwon Posted October 9, 2010

I find Wireshark's built-in filtering capabilities to be sufficiently advanced that I have never needed to look for any third-party tools to sort packets. Although I have heard of people using Splunk.

Mr-Protocol Posted October 9, 2010 (edited October 9, 2010 by Mr-Protocol)

There is a nice piece of free software which takes in Pcap files. I don't remember the name; I will edit the post when I find it.

Edit: Netsparker http://www.mavitunasecurity.com/communityedition/

Infiltrator Posted October 10, 2010

Will take a look into those suggested tools. Thank you very much.

antonymous Posted October 15, 2010

If I'm just filtering packets, I prefer to use Wireshark's filters. But Network Miner is another great tool that I use when I need to quickly carve out files from a PCAP. It's just less clunky than copying the stream and pasting the result into a hex editor. I tried NetWitness as well (heard of both this and Network Miner on an earlier episode of Hak5), and while it wasn't quite what I wanted, it gave me a new way to visualize how different machines were talking to each other, which is always useful.

Infiltrator Posted October 16, 2010

I've heard the Network Miner name before, but never knew much about it. Will give it a try and experiment with it. Thanks, Antonymous.