Now, start capturing the data on a particular interface and write the output to a file. First of all, make sure that tcpdump is installed on your device. One of the most basic techniques to capture traffic over your device is by using tcpdump. Since we are interested in analyzing the traffic for a particular application, it doesn’t really matter which medium we choose. Also, we can analyze the traffic either over Wi-fi or over cellular. So just to clarify, this article is focussed on Analyzing network traffic and not hijacking network traffic. However, since we are interested in analyzing network traffic for a particular application, we will be following a different approach. In case you want to analyze the traffic for a device over SSL, there are plenty of ways to do that as well using a combination of Arpspoof and SSLStrip. It is possible that you may lose some packets if you don’t have a good wireless card. Just open up Wireshark, start sniffing over the network and add a filter (for e.g ip.addr = 192.168.1.2) so that it shows only the traffic sent or received from your iOS device. In case you are interested in analyzing the traffic for a particular device over a network remotely, wireshark is the tool to go for. There are both active and passive ways of sniffing traffic on a network. We will also look at how we can analyze network traffic over SSL. It could help us deduce how the application is managing the session of its users, the endpoints to which the application makes the call, how the application works internally etc. Analyzing the network traffic for an application could be helpful in many ways. In this article, we will be looking at how we can analyze the network traffic flowing across an iOS device. In the previous article, we looked at iOS filesystem and forensics.
0 kommentar(er)
