NetworkDataPedia

Using Wireshark to Analyze nmap

February 6, 2019

When I teach or present, I typically get a question asking how I became proficient in protocol analysis and troubleshooting.

 

I explain that I think it boils down to two main categories: experience and practice. It’s interesting how closely related the two are. For example, with experience, I can determine what areas I need to get more practice on. And with more practice, I get more comfortable troubleshooting and feel I can design or install equipment more efficiently.

Practice doesn’t need to be a formal 1-week class or even a 1-day exercise. When I think of practicing, all I need is my tool of choice and an opportunity to use it. Wireshark is a great example of a tool that can take years to get comfortable with and use effectively.

In this example I was playing with a live CD of the Kali Linux distribution (https://livecdlist.com/kali-linux/) and more specifically the nmap command. I wondered what nmap did ‘on the wire’. So I simply started a capture with a capture filter for the target IP address (host 10.44.1.54) and reviewed the trace file.

I thought this would be a great opportunity to share how I would go through this trace file with tips, tricks and some protocol education along the way.
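Added example, not part of the original post: a first pass over such a trace in Python, applying the same "host 10.44.1.54" filter and tallying TCP flag combinations per port on the target. The sample packets are constructed and assume a TCP SYN scan from a hypothetical source 10.44.1.10 (the post does not say which scan type was run); the parser assumes a classic little-endian pcap with Ethernet/IPv4 frames.

```python
import socket, struct
from collections import Counter

TARGET = "10.44.1.54"  # host used in the article's capture filter
FLAGS = [(0x02, "SYN"), (0x10, "ACK"), (0x04, "RST"), (0x01, "FIN"), (0x08, "PSH")]

def tcp_frame(src, dst, sport, dport, flags):
    """Constructed Ethernet/IPv4/TCP frame (checksums left zero) for the sample."""
    tcp = struct.pack("!HHIIBBHHH", sport, dport, 0, 0, 5 << 4, flags, 1024, 0, 0)
    ip = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 20 + len(tcp), 0, 0, 64, 6, 0,
                     socket.inet_aton(src), socket.inet_aton(dst))
    return b"\x00" * 12 + b"\x08\x00" + ip + tcp

def build_pcap(frames):
    """Wrap frames in a classic little-endian pcap file (linktype 1 = Ethernet)."""
    out = struct.pack("<IHHiIII", 0xA1B2C3D4, 2, 4, 0, 0, 65535, 1)
    for i, f in enumerate(frames):
        out += struct.pack("<IIII", i, 0, len(f), len(f)) + f
    return out

def summarize(pcap, host=TARGET):
    """Count (direction, port on host, TCP flags) for packets to or from host."""
    counts, off = Counter(), 24  # skip the 24-byte pcap global header
    while off + 16 <= len(pcap):
        incl = struct.unpack_from("<I", pcap, off + 8)[0]
        frame = pcap[off + 16: off + 16 + incl]
        off += 16 + incl
        if len(frame) < 54 or frame[12:14] != b"\x08\x00" or frame[23] != 6:
            continue  # not IPv4/TCP
        ihl = (frame[14] & 0x0F) * 4
        src, dst = socket.inet_ntoa(frame[26:30]), socket.inet_ntoa(frame[30:34])
        if host not in (src, dst):
            continue  # same effect as the "host 10.44.1.54" capture filter
        sport, dport = struct.unpack_from("!HH", frame, 14 + ihl)
        flags = frame[14 + ihl + 13]
        names = "+".join(n for bit, n in FLAGS if flags & bit) or "none"
        direction, port = ("to", dport) if dst == host else ("from", sport)
        counts[(direction, port, names)] += 1
    return counts

SCANNER = "10.44.1.10"  # hypothetical scanner address; all packets below are constructed
SAMPLE = build_pcap([
    tcp_frame(SCANNER, TARGET, 40000, 22, 0x02), tcp_frame(TARGET, SCANNER, 22, 40000, 0x12),
    tcp_frame(SCANNER, TARGET, 40000, 22, 0x04),  # scanner resets the half-open connection
    tcp_frame(SCANNER, TARGET, 40000, 23, 0x02), tcp_frame(TARGET, SCANNER, 23, 40000, 0x14),
    tcp_frame(SCANNER, TARGET, 40000, 80, 0x02), tcp_frame(TARGET, SCANNER, 80, 40000, 0x14),
    tcp_frame(SCANNER, "10.44.1.99", 40000, 80, 0x02),  # other host, filtered out
])
print(sorted(summarize(SAMPLE).items()))
```

In the output, a port that answers SYN+ACK is listening and one that answers ACK+RST is closed; many distinct ports receiving a bare SYN from one source is the pattern to look for in the real trace.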

 

 

Enjoy

 

 

 
