In a large infrastructure environment, capturing, extracting, and storing data becomes a bottleneck at times. In such cases, we can use Moloch, which is a free, open source, large-scale packet-capturing system that allows us to draw intelligence while effectively managing and storing the data:
Moloch packet capturing system
From the preceding screenshot, we can see various stats with respect to the source IP and destination. Expanding the first entry (192.168.0.109 -> 172.217.7,4), we can see plenty of detailed information:
Expanding the first entry (192.168.0.109 -> 172.217.7.4)
We can see we have a much wider view of the details now. Moloch also provides stateful packet inspection view and graph as shown in the following screenshot:
Stateful packet inspection view
We can see that we have data in a segregated...
