This week, I’ve spent some time analysing traffic on our network to try to get to the bottom of some slightly odd behaviour we’ve been seeing. Ordinarily I’d use tcpdump and/or Wireshark. They’re great for capturing traffic and filtering by, for example, the IP address concerned, or the network protocol being used, but sometimes that’s not enough: if one is interested in filtering based upon the contents of a packet, you need a different tool. And so, a little bit of searching led me to ngrep, which is exactly what the name sounds like: grep for networks. I can now filter out all traffic on our network which is requesting one particular website address by filtering based upon the HTTP request being sent. Now I can quickly and easily get at the network traffic I’m interested in!
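The two-stage filtering described above (a header test on the port, then a regular expression over the packet contents) looks like this in Python. This is an added example, not code from the original post and not ngrep's own implementation; the function names are hypothetical, and the packets, addresses and hostnames are constructed sample data.

```python
import re
import struct

def build_packet(src, dst, sport, dport, payload):
    """Build a minimal IPv4+TCP packet (checksums left zero) for the demo."""
    tcp = struct.pack("!HHIIBBHHH", sport, dport, 0, 0, 5 << 4, 0x18, 65535, 0, 0)
    total = 20 + len(tcp) + len(payload)
    ip = struct.pack("!BBHHHBBH4s4s", 0x45, 0, total, 0, 0, 64, 6, 0,
                     bytes(map(int, src.split("."))),
                     bytes(map(int, dst.split("."))))
    return ip + tcp + payload

def tcp_payload(packet):
    """Return (src, dst, sport, dport, payload), or None if not IPv4/TCP."""
    if len(packet) < 20 or packet[0] >> 4 != 4 or packet[9] != 6:
        return None
    ihl = (packet[0] & 0x0F) * 4               # IP header length in bytes
    total = struct.unpack("!H", packet[2:4])[0]
    if len(packet) < ihl + 20:                 # truncated TCP header
        return None
    sport, dport = struct.unpack("!HH", packet[ihl:ihl + 4])
    data_off = (packet[ihl + 12] >> 4) * 4     # TCP header length in bytes
    src = ".".join(map(str, packet[12:16]))
    dst = ".".join(map(str, packet[16:20]))
    return src, dst, sport, dport, packet[ihl + data_off:total]

def match_packets(packets, pattern, port=80):
    """Header filter (TCP destination port) first, then regex over the payload."""
    rx = re.compile(pattern, re.IGNORECASE | re.MULTILINE)
    hits = []
    for pkt in packets:
        parsed = tcp_payload(pkt)
        if parsed is None or parsed[3] != port:
            continue
        if rx.search(parsed[4]):
            hits.append(parsed[:4])
    return hits

# Constructed sample traffic (documentation addresses, example hostnames).
SAMPLE = [
    build_packet("192.0.2.10", "198.51.100.5", 40001, 80,
                 b"GET / HTTP/1.1\r\nHost: www.example.com\r\n\r\n"),
    build_packet("192.0.2.11", "198.51.100.5", 40002, 80,
                 b"GET / HTTP/1.1\r\nHost: other.example.net\r\n\r\n"),
    build_packet("192.0.2.12", "198.51.100.9", 40003, 25,
                 b"EHLO www.example.com\r\n"),
]
HOST_PATTERN = rb"^Host:\s*www\.example\.com\s*$"
```

This code matches each packet on its own, so a `Host` header split across two TCP segments is missed, and it only sees cleartext HTTP; requests carried over TLS have encrypted payloads and will not match.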