Perl script as a sniffer with built-in statistics

Baby Shark

Article from Issue 180/2015
Author(s):

If you need to browse through packets rushing by on the local network, Wireshark provides a useful service. But, if you prefer to build your own tools, why not use the command-line version, TShark, and a terminal-friendly Curses UI?

The easily installed and feature-rich analysis tool Wireshark reveals that calling a single news site on the Internet can cause more than 3,000 network packets to zoom back and forth between the browser and various servers, which can leave the respective user's fingerprints on a couple of dozen different websites.

Gullible Browsers

Have you ever wondered why each port of call on the Internet brings up the goodies you recently perused on Amazon, not to mention those pesky Facebook Like buttons? It seems that the original policy introduced by Netscape back in the dark ages of the Internet to ensure privacy despite cookies has been laid to waste by gatecrashers, such as DoubleClick.

You can now always assume that not only do the pages you surf know that you are back, but so do a dozen other curious sites that pay for the privilege. If you don't take drastic steps, the browser will gullibly broadcast your identity, including your surfing habits, all over the world.

[...]

Use Express-Checkout link below to read the full article (PDF).

Buy this article as PDF

Express-Checkout as PDF
Price $2.95
(incl. VAT)

Buy Linux Magazine

SINGLE ISSUES
 
SUBSCRIPTIONS
 
TABLET & SMARTPHONE APPS
Get it on Google Play

US / Canada

Get it on Google Play

UK / Australia

Related content

  • Tshark

    The simple and practical Tshark packet analyzer gives precise information about the data streams on the network.

  • Capture File Filtering with Wireshark

    Wireshark doesn’t just work in real time. If you save a history of network activity in a pcap file using a tool such as tcpdump, you can filter the data with Wireshark to search for evidence.

  • Network Analysis

    The nightmare of any admin is a user who can't resisting clicking on an unknown attachment labeled Application.exe. This article draws on a real-world example to show how you can use built-in Linux resources to detect unauthorized traffic that might have been invited in by a trigger-happy user.

  • Security Lessons

    Building a network flight recorder with Wireshark.

  • Wireshark

    If you know your way around network protocols, you can get to the source of a problem quickly with Wireshark.

comments powered by Disqus