Usr6 Posted January 26, 2013

Tools to analyze network traffic can be expensive, complicated, and may require preparation before an investigation begins. By leveraging tools easily available in every Linux distribution (and often in UNIX/Mac OS X) combined with Tcpdump to analyze network traffic, you can determine the make-up of the network traffic in question, find the most active hosts and protocols, search for oddities, and determine the most efficient next step of your investigation. Using this method, you are able to pare away the normal and mundane to reveal and examine the unexpected.

Download: http://www.giac.org/paper/gcia/8722/analyzing-network-traffic-basic-linux-tools/128791

Author: Travis Green
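The kind of triage the post describes (busiest hosts, most used services, then the rare items that deserve a closer look) can be done with awk, sort and uniq over tcpdump's text output. The script below is an added example written for this page; it is not code from the post or from the linked GIAC paper. Instead of reading a capture (which would be `tcpdump -nn -r capture.pcap`), it embeds a few constructed tcpdump-style lines so it runs offline; the line layout assumes numeric (-nn) IPv4 output, where the source and destination fields carry the port as a fifth dotted component.

```shell
#!/bin/sh
# Added example: summarise tcpdump text output with standard Unix tools.
# Real input would be:  tcpdump -nn -r capture.pcap
# The lines below are CONSTRUCTED sample output standing in for that.
SAMPLE='12:00:01.000001 IP 10.0.0.5.51234 > 192.0.2.10.80: Flags [S], seq 1, win 64240, length 0
12:00:01.000002 IP 192.0.2.10.80 > 10.0.0.5.51234: Flags [S.], seq 2, ack 2, win 65535, length 0
12:00:01.000003 IP 10.0.0.5.51234 > 192.0.2.10.80: Flags [.], ack 1, win 64240, length 0
12:00:02.000001 IP 10.0.0.7.53211 > 192.0.2.53.53: 1234+ A? example.com. (29)
12:00:02.000002 IP 192.0.2.53.53 > 10.0.0.7.53211: 1234 1/0/0 A 192.0.2.10 (45)
12:00:03.000001 IP 10.0.0.5.51235 > 192.0.2.10.443: Flags [S], seq 1, win 64240, length 0
12:00:03.000002 IP 10.0.0.9 > 192.0.2.10: ICMP echo request, id 1, seq 1, length 64
12:00:04.000001 IP 10.0.0.5.51236 > 198.51.100.7.22: Flags [S], seq 1, win 64240, length 0'

# Busiest source hosts. Field 3 is "host.port" for TCP/UDP (5 dotted parts)
# and a bare "host" for ICMP (4 parts); strip the port when present.
top_sources() {
  printf '%s\n' "$SAMPLE" | awk '{
    n = split($3, a, "."); h = $3
    if (n == 5) h = a[1] "." a[2] "." a[3] "." a[4]
    print h
  }' | sort | uniq -c | sort -rn
}

# Most contacted services: the destination port (field 5, trailing ":"
# removed) for ports below 1024, or "ICMP" for ICMP packets. High
# destination ports are replies to ephemeral client ports and are skipped
# so they do not drown out the real service picture.
top_services() {
  printf '%s\n' "$SAMPLE" | awk '{
    d = $5; sub(/:$/, "", d)
    n = split(d, a, ".")
    if (n == 5) { if (a[5] + 0 < 1024) print a[5] }
    else if ($6 == "ICMP") print "ICMP"
  }' | sort | uniq -c | sort -rn
}

# Services seen exactly once: after the common traffic is accounted for,
# these one-offs are where an analyst looks next.
rare_services() {
  top_services | awk '$1 == 1 { print $2 }' | sort
}

echo "== top source hosts =="; top_sources
echo "== most contacted services (dest port < 1024, or ICMP) =="; top_services
echo "== services seen only once =="; rare_services
```

On a real capture, replace the `printf '%s\n' "$SAMPLE"` in each function with `tcpdump -nn -r capture.pcap`; the awk field positions stay the same as long as name resolution is off (-nn), since resolved hostnames and IPv6 addresses change the dotted-field layout this example relies on.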