Wireshark is a software protocol analyzer that can examine the contents of all data packets in transit on the network interfaces in use. The program is the heir to Ethereal and builds on the experience and technology developed for its “predecessor”. Wireshark's purpose is to provide a detailed overview of everything happening on the local network through a graphical interface that is easy to use and easy to understand. Wireshark can identify the network protocols used for various types of communication and can therefore show the different encapsulations.
The strong point of this excellent protocol analyzer is certainly its flexibility: thanks to dedicated sorting and filtering rules, it becomes quick to extract the data of interest from the captured information.
Wireshark is a valuable aid to experts in identifying potential vulnerabilities in the systems used in the company (login credentials sent in clear text, suspicious activity carried out by clients on the LAN, sensitive information in transit, and so on).
Wireshark is available in multiple versions, one for each operating system, be it Windows, Linux or Mac OS X.
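To make the encapsulation and clear-text credential points above concrete, here is an added example (not part of the original article and not Wireshark code) that peels the Ethernet, IPv4 and TCP layers off a frame and reports credential-bearing keywords without echoing the secret. The function names, the marker list and the sample frames are assumptions constructed for illustration.

```python
import struct

# Keywords that carry credentials in clear text (FTP login, HTTP Basic auth).
CLEARTEXT_MARKERS = (b"USER ", b"PASS ", b"Authorization: Basic ")

def build_frame(payload, dport):
    """Constructed sample frame: Ethernet / IPv4 / TCP / payload (checksums zeroed)."""
    eth = bytes(12) + struct.pack("!H", 0x0800)
    ip = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 40 + len(payload), 0, 0, 64, 6, 0,
                     bytes([192, 0, 2, 10]), bytes([192, 0, 2, 20]))
    tcp = struct.pack("!HHIIBBHHH", 49152, dport, 0, 0, 5 << 4, 0x18, 8192, 0, 0)
    return eth + ip + tcp + payload

def dissect(frame):
    """Peel one header per layer; stop at the first layer that cannot be parsed."""
    layers, payload = [], b""
    if len(frame) >= 14:
        layers.append("Ethernet")
        ip = frame[14:]
        if frame[12:14] == b"\x08\x00" and len(ip) >= 20 and ip[0] >> 4 == 4:
            ihl = (ip[0] & 0x0F) * 4            # IPv4 header length in bytes
            total = struct.unpack("!H", ip[2:4])[0]
            if 20 <= ihl <= total <= len(ip):
                layers.append("IPv4")
                tcp = ip[ihl:total]
                if ip[9] == 6 and len(tcp) >= 20:   # protocol 6 = TCP
                    off = (tcp[12] >> 4) * 4        # TCP header length in bytes
                    if 20 <= off <= len(tcp):
                        layers.append("TCP")
                        payload = tcp[off:]
    return layers, payload

def cleartext_findings(frame):
    """Report which credential keywords appear, never the secret itself."""
    layers, payload = dissect(frame)
    found = []
    for line in payload.split(b"\r\n"):
        for marker in CLEARTEXT_MARKERS:
            if line.startswith(marker):
                found.append(marker.decode().strip() + " <redacted>")
    return layers, found

if __name__ == "__main__":
    # Constructed samples: an FTP login in clear text and an opaque TLS record.
    samples = [build_frame(b"USER alice\r\nPASS example-only\r\n", 21),
               build_frame(b"\x17\x03\x03\x00\x10" + bytes(16), 443)]
    for frame in samples:
        print(cleartext_findings(frame))
```
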
Network Security Toolkit (abbreviated NST) is a free package that contains most of the open source applications from the world of security. Among them is Wireshark, along with a whole series of programs of particular interest to the network administrator: the complete list is available by clicking here. NST is based entirely on Fedora and is a Linux distribution in its own right.
In our case, we decided to install the Network Security Toolkit as a VMware Player virtual machine. The advantages of this approach are significant: first, you will have a “virtual computer” that can be used to monitor the data traffic between the servers connected to the local network, as well as between them and remote machines on the Internet.
1. As a first step, you must download and install the free VMware Player (the program can be downloaded by referring to this page). We downloaded the Windows version and installed it on a Windows 7 machine.
2. At this point, you can download the Network Security Toolkit ISO by clicking here. The download can take several minutes to complete (the file is in fact quite large, about 1.4 GB).
3. The next step is to launch VMware Player, click Create a virtual machine, then choose the option I will install the operating system later.
In the next window, you must select Linux as the “guest” operating system (the operating system that will run within the virtual machine) and Fedora from the Version menu.
On the third screen, you must specify the folder on the hard drive in which the virtual machine will be stored. Finally, you must indicate the capacity of the virtual hard drive on which NST will later be installed. In the Maximum disk size box you can specify 20 GB, leaving Store virtual disk as a single file enabled.
To complete the procedure, you must then click the
4. After selecting the Fedora virtual machine you just created in the main VMware Player window, you must click the link Edit virtual machine settings.
Under CD/DVD (IDE), you must select Use ISO image file, click the Browse button and specify the file-2.13.0-nst 1713.i686.iso previously downloaded from the Internet. With this setting, the virtual machine will start from the contents of the NST ISO file.
Finally, click on Network Adapter: choosing the option Bridged: Connected directly to the physical network ensures that the Linux virtual machine appears, to the other client systems connected to the local network, as a “physical” machine for all purposes.
After confirming the choices by pressing the OK button, you can start the virtual machine (Play virtual machine link).