Packet analysis using a PCAP file and Wireshark
Packet analysis is the technique of investigating the details found within an organization's network traffic. Because devices send and receive packets between each other, analyzing the network traffic provides statistics and in-depth information about all the conversations that are of interest to a security engineer. These details include host devices, protocols, file transfers, Voice over IP (VoIP) conversations, and so on. You'll be able to determine the most widely used network applications, the hosts that are sending and receiving the most network messages, file transfers, network errors and latency issues, and even perform network forensics to determine which event occurred on the network.
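As an added example (not from the original text or from the Wireshark project), the following Python code reads a classic PCAP file using only the standard library and computes two of the statistics mentioned above: packets per protocol and bytes sent and received per host. The capture is constructed inline with documentation addresses, the function names are illustrative, and only microsecond-format Ethernet captures are handled.

```python
import struct
from collections import Counter

PROTO_NAMES = {1: "ICMP", 6: "TCP", 17: "UDP"}

def ipv4_frame(src, dst, proto, payload_len):
    """Constructed Ethernet + IPv4 frame (zeroed checksum and payload)."""
    ip = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 20 + payload_len, 0, 0, 64,
                     proto, 0, bytes(src), bytes(dst))
    return b"\x02" * 6 + b"\x04" * 6 + b"\x08\x00" + ip + bytes(payload_len)

def build_sample_pcap():
    """Constructed capture: classic little-endian pcap, linktype 1 (Ethernet)."""
    a, b, c, d = (192, 0, 2, 10), (198, 51, 100, 5), (192, 0, 2, 20), (198, 51, 100, 53)
    frames = [ipv4_frame(a, b, 6, 100)] * 3 + [ipv4_frame(b, a, 6, 40)]
    frames += [ipv4_frame(c, d, 17, 30)] * 2
    frames.append(b"\xff" * 6 + b"\x02" * 6 + b"\x08\x06" + bytes(28))  # ARP
    out = struct.pack("<IHHiIII", 0xA1B2C3D4, 2, 4, 0, 0, 65535, 1)
    for i, f in enumerate(frames):
        out += struct.pack("<IIII", i, 0, len(f), len(f)) + f
    return out

def summarize(pcap):
    """Return per-protocol packet counts and per-host IPv4 bytes sent/received."""
    order = {b"\xd4\xc3\xb2\xa1": "<", b"\xa1\xb2\xc3\xd4": ">"}.get(pcap[:4])
    if order is None or len(pcap) < 24:
        raise ValueError("not a classic microsecond pcap file")
    if struct.unpack(order + "I", pcap[20:24])[0] != 1:
        raise ValueError("only Ethernet (linktype 1) is handled")
    protocols, sent, received, off = Counter(), Counter(), Counter(), 24
    while off + 16 <= len(pcap):
        incl_len = struct.unpack(order + "I", pcap[off + 8:off + 12])[0]
        pkt = pcap[off + 16:off + 16 + incl_len]
        off += 16 + incl_len
        if len(pkt) < incl_len:
            break  # capture file cut off mid-record
        if len(pkt) < 34 or pkt[12:14] != b"\x08\x00" or pkt[14] >> 4 != 4:
            protocols["non-IPv4"] += 1  # ARP, short frames, other EtherTypes
            continue
        total_len = struct.unpack("!H", pkt[16:18])[0]  # IPv4 total length
        src, dst = (".".join(map(str, pkt[i:i + 4])) for i in (26, 30))
        protocols[PROTO_NAMES.get(pkt[23], f"proto-{pkt[23]}")] += 1
        sent[src] += total_len
        received[dst] += total_len
    return {"protocols": protocols, "sent": sent, "received": received}

if __name__ == "__main__":
    for name, counter in summarize(build_sample_pcap()).items():
        print(name, counter.most_common())
```

The same figures appear in Wireshark under Statistics > Protocol Hierarchy and Statistics > Endpoints when a capture file is opened there.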
One of the most popular tools for performing packet analysis is Wireshark. Wireshark has been around for quite some time now and can capture traffic on many types of networks, such as wired, wireless, and mobile networks...