Packet Capture Accuracy

This is a great example of ‘knowing your tool’ or ‘tool calibration’. Regardless of what you want to call it, it is important that you test your tools to ensure their accuracy.

In most cases analysts are turning to their laptops, running Windows, Linux or macOS, as the tool of choice, since laptops are much lighter, have increased battery life, are more powerful and make it convenient to store results.

Unfortunately, convenience might come at a price. A good example would be to ask yourself whether your laptop can capture packets at various rates and packet sizes. This question should be followed by an investigation into how accurate your tool of choice is.

I see many people using USB/USB-C 1 Gb Ethernet adapters with their laptops, which might be an issue if you just want to capture packets but might bite you when it comes to packet.


