If you're not familiar with Wireshark, then you'll soon find out how powerful and effective this tool can be. Wireshark is a packet analyzer software that's open source and free to use. It can be used to troubleshoot networking issues and hunt down malicious activities. Basically, every bit (literally) of information that flows in and out of a network can be captured and dumped into a single location. Then we can take our time analyzing this information, using filters to narrow down our search. As of writing this book, the current version of Wireshark is 2.2.2, but always make sure that yours is up-to-date:
- When you launch Wireshark, you should see the following screen. You will need to select the interface you want to scan on, depending on whether you use an Ethernet or a wireless connection. I am connected via Wi-Fi, so that is what I choose. Yours may be named differently...