This is the second video in my “Threat Hunting: With open source software” series. You can find the first video here: Threat Hunting: The Network and PCAP
This video dives a bit deeper into monitoring networks. First, we’ll go over how to monitor a modern network, along with some tips and tricks to help avoid gotchas.
For instance, ever wonder why you can’t see other computers’ traffic on your network switch? Yeah, we talk about that!
We eventually work our way towards using tcpdump. We’ll monitor live traffic and then store it to disk. Lots of content in here, so let’s get started!