INVESTIGATING THE NETWORK TRAFFIC USING THE COMMAND-LINE PACKETS SNIFFER TCPDUMP IN KALI LINUX: INVESTIGATING THE NETWORK TRAFFIC USING THE COMMAND-LINE PACKETS SNIFFER TCPDUMP IN KALI LINUX

Petar Boyanov

doi:10.46687/jsar.v25i1.378

Authors

Petar Boyanov Konstantin Preslavsky University of Shumen, Faculty of Technical Sciences, Bulgaria

DOI:

https://doi.org/10.46687/jsar.v25i1.378

Keywords:

Analyzing, Connection, Command-line, Flag, Investigation, Kali Linux, Monitoring, Packet, Port, Scanning, Security, Sniffer, TCP, Traffic, UDP

Abstract

In this scientific article a comprehensive investigation of the network traffic using the command-line packets sniffer Tcpdump in kali Linux is made.

Author Biography

Petar Boyanov, Konstantin Preslavsky University of Shumen, Faculty of Technical Sciences, Bulgaria

Petar Boyanov, Konstantin Preslavsky University of Shumen, Faculty of Technical Sciences, Bulgaria, https://orcid.org/0000-0003-3668-6713

References

Arlos, P. and Fiedler, M., 2016. A comparison of measurement accuracy for DAG, tcpdump and windump. available online at Blekinge Institute of Technology (Sweden)< www. its. bth. se/staft/pca.

Bachl, M., Fabini, J. and Zseby, T., 2021. A flow-based IDS using Machine Learning in eBPF. arXiv preprint arXiv:2102.09980.

Boyanov, P., Implementation of modified script for Linux based operating systems using a linear algorithm for network port scanning. A refereed Journal Scientific and Applied Research, Konstantin Preslavsky University Press, Vol. 23, Shumen, 2022, ISSN 1314-6289 (Print), ISSN 2815-4622 (Online), pp. 48-59, DOI: https://doi.org/10.46687/jsar.v23i1.353.

Boyanov, P., A comprehensive scanning for open, closed and filtered ports in the computer systems and networks. A refereed Journal Scientific and Applied Research, Konstantin Preslavsky University Press, Vol. 23, Shumen, 2022, ISSN 1314-6289 (Print), ISSN 2815-4622 (Online), pp. 85-98, DOI: https://doi.org/10.46687/jsar.v23i1.356.

Corey, V., Peterman, C., Shearin, S., Greenberg, M.S. and Van Bokkelen, J., 2002. Network forensics analysis. IEEE Internet computing, 6(6), pp.60-66.

Forte, D., 2001. Using tcpdump and sanitize for system security. login Usenix Mag., 26(3).

Fuentes, F. and Kar, D.C., 2005. Ethereal vs. Tcpdump: a comparative study on packet sniffing tools for educational purpose. Journal of Computing Sciences in Colleges, 20(4), pp.169-176.

Goyal, P. and Goyal, A., 2017, September. Comparative study of two most popular packet sniffing tools-Tcpdump and Wireshark. In 2017 9th International Conference on Computational Intelligence and Communication Networks (CICN) (pp. 77-81). IEEE.

Guan, X., Ma, Y., Shao, Z. and Cao, W., 2020, July. Design and Application of Concurrent Test Scheme for Heartbeat Message of Mobile Terminal Based on Tcpdump and LoadRunner. In 2020 IEEE 10th International Conference on Electronics Information and Emergency Communication (ICEIEC) (pp. 232-235). IEEE.

Gupta, A., 2013. A research study on packet sniffing tool TCPDUMP. International Journal of Communication and Computer Technologies, 1(49), pp.172-174.

Iliev, R., K. Ignatova. Cloud technologies for building data center system for defense and security. T. Tagarev et al. (eds.), Digital Transformation, Cyber Security and Resilience of Modern Societies, Studies in Big Data 84, , ISBN 978-3-030-65721-5, Springer 2020, pp. 13-24, https://doi.org/10.1007/978-3-030-65722-2.

Jandaeng, C., 2016. Embedded packet logger for network monitoring system. In Advanced Computer and Communication Engineering Technology: Proceedings of ICOCOE 2015 (pp. 1093-1102). Springer International Publishing.

Joseph, D.A., Paxson, V. and Kim, S., 2006. tcpdump Tutorial. University of California, EE122 Fall.

Mai, Y., Upadrashta, R. and Su, X., 2004, April. J-Honeypot: a Java-based network deception tool with monitoring and intrusion detection. In International Conference on Information Technology: Coding and Computing, 2004. Proceedings. ITCC 2004. (Vol. 1, pp. 804-808). IEEE.

Makan, K., 2014. Penetration Testing with the Bash shell. Packt Publishing Ltd., ISBN 978-1-84969-510-7.

Nauta, K. and Lieble, F., 1999, September. Offline network intrusion detection: Mining tcpdump data to identify suspicious activity. In Proceedings of the AFCEA Federal Database Colloquium.

Pradhan, P. and Mannepalli, P., 2021. Machine Leaning for Flow Based Intrusion Detection Using Extended Berkley Packet Filter. Int. J. Eng. Res. Curr. Trends, 3, pp.5-7.

Rohani, M.F.A., Maarof, M.A. and Selamat, A., 2005. Security Awareness: A Lesson from Tcpdump and Ethereal. In Proceedings of the Postgraduate Annual Research Seminar (p. 270).

Therdphapiyanak, J. and Piromsopa, K., 2013, May. An analysis of suitable parameters for efficiently applying K-means clustering to large TCPdump data set using Hadoop framework. In 2013 10th International Conference on Electrical Engineering/Electronics, Computer, Telecommunications and Information Technology (pp. 1-6). IEEE.

Van Der Merwe, J., Caceres, R., Chu, Y.H. and Sreenan, C., 2000. mmdump: A tool for monitoring Internet multimedia traffic. ACM SIGCOMM Computer Communication Review, 30(5), pp.48-59.

Yurcik, W., Woolam, C., Hellings, G., Khan, L. and Thuraisingham, B., 2007, September. Scrub-tcpdump: A multi-level packet anonymizer demonstrating privacy/analysis tradeoffs. In 2007 Third International Conference on Security and Privacy in Communications Networks and the Workshops-SecureComm 2007 (pp. 49-56). IEEE.

INVESTIGATING THE NETWORK TRAFFIC USING THE COMMAND-LINE PACKETS SNIFFER TCPDUMP IN KALI LINUX