Search results
Results from the WOW.Com Content Network
Packet capture is the process of intercepting and logging traffic. As data streams flow across the network, the analyzer captures each packet and, if needed, decodes the packet's raw data, showing the values of various fields in the packet, and analyzes its content according to the appropriate RFC or other specifications.
Monitor mode, or RFMON (Radio Frequency MONitor) mode, allows a computer with a wireless network interface controller (WNIC) to monitor all traffic received on a wireless channel. Unlike promiscuous mode , which is also used for packet sniffing , monitor mode allows packets to be captured without having to associate with an access point or ad ...
A number of 802.11 sensors and Access Points use the TZSP protocol for packet capture. It is an open protocol that was designed to encapsulate other protocols over UDP.The primary use for this protocol has been the capture of wireless traffic and transmission of them over a wired network.
On wireless networks, it is possible to use the Aircrack wireless security tools to capture IEEE 802.11 frames and read the resulting dump files with Wireshark. As of Wireshark 0.99.7, Wireshark and TShark run dumpcap to perform traffic capture. Platforms that require special privileges to capture traffic need only dumpcap run with those ...
EtherApe, a graphical tool for monitoring network traffic and bandwidth usage in real time. Firesheep, a discontinued extension for the Firefox web browser that captured packets and performed session hijacking; iftop, a tool for displaying bandwidth usage (like top for network traffic) Kismet, for 802.11 wireless LANs
A packet capture appliance is a standalone device that performs packet capture. [1] Packet capture appliances may be deployed anywhere on a network, however, most commonly are placed at the entrances to the network (i.e. the internet connections) and in front of critical equipment, such as servers containing sensitive information.
The monitored traffic is sometimes referred to as the pass-through traffic, while the ports that are used for monitoring are the monitor ports. There may also be an aggregation port for full-duplex traffic, wherein the A traffic is aggregated with the B traffic, resulting in one stream of data for monitoring the full-duplex communication.
Kismet can also capture "Per-Packet Information" headers. Kismet also features the ability to detect default or "not configured" networks, probe requests, and determine what level of wireless encryption is used on a given access point. In order to find as many networks as possible, Kismet supports channel hopping.