Description:
This is the video of the talk given by Kenneth at Hacker3con.
Abstract: Tcpdump > wireshark. tcpdump and Screen are two of the most useful tools for any security engineer or hacker. tcpdump displays all IP, port, header, and internal information for every packet that passes through an interface. A comparison of wireshark, tshark, and tcpdump will be made, which will show why tcpdump is the fastest tool for troubleshooting connectivity, recording network activity, and finding attack signatures. The presentation will include tcpdump's advanced options and detail its limitations. To help manage the flood of data tcpdump and tshark produce, advanced usage of Screen will also be presented. This will include Screen's basic commands, persistence, and using multiple windows to control multiple boxes.
Bio: Kenneth is a space cowboy who supports Free Speech, Open Source Software, and Vincent Cerf's design that there are only four network layers. pwrcycle is a Certified Ethical Hacker (CEH) and veteran Security Operations Engineer. He has defended financial institutions and hosting providers from worldwide DDoS attacks and has been part of numerous Emergency Response and Disaster Recovery events on distributed networks.
Tags: basics
Disclaimer: We are an infosec video aggregator and this video is linked from an external website. The original author may be different from the user re-posting/linking it here. Please do not assume the authors to be the same without verifying.