Network tools
The following is a list of tools that are used to monitor the network:
- tcpdump:Â This is a Linux-based tool used tocapturenetwork traffic. It can beinstalledfrom the default repositories.
- Wireshark: This tool is capable of monitoring network traffic. Incoming and outgoing network traffic, including packet information and data, is logged in real time. Originally named Ethereal, Wireshark is available for Windows, Linux, and macOS, and can be downloaded from https://www.wireshark.org/.
- mitmproxy:Â Also known as Man-In-The-Middle Proxy. As its name states, it is set up as a proxy, and thus able to control and monitor network traffic before data is either sent externally or received by internal programs.
- inetsim: Essentially, this tool fakes network and internet connectivity, thereby trapping any network traffic sent externally by a program. This is very useful for analyzing malware, preventing it from sending data externally, while having knowledge of where it connects to and what data...
