Weekly Journal 14 - tcpdump, Wireshark/Termshark, COVID-19 Vaccine
I am going to try something a little different this week and write about some tools I use all the time. Usually I write about tools and concepts that are new to me. This week I was also able to get my first dose of the COVID-19 vaccine.
tcpdump and its sister project, libpcap, are tools for capturing and analyzing network traffic. tcpdump is a CLI program for capturing network packets. We use this tool often at work to help debug issues with VoIP telephony systems. tcpdump primarily concerns itself with the capture and filtering of network traffic. The output can be saved in binary PCAP format for analysis with other tools. PCAP is an open standard used by many network tools.
Wireshark is a popular tool for visualizing and analyzing PCAP files. It provides a nice graphical view of each network packet and lets you see both the TCP metadata and the data payload. Termshark is a similar tool, but it's made for the CLI. This is nice when you want to look at PCAP files on a remote system without having to download them locally first, or when you are a terminal fan like I am and prefer to use CLI tools over graphical tools for most tasks. Both tools run on Linux, Windows, and macOS.
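To make the PCAP format and the "TCP metadata versus payload" split concrete, here is an added example (not part of the original post) that reads a classic PCAP capture with nothing but the Python standard library. The function names are my own, the sample capture is constructed in memory rather than taken from real traffic, and only Ethernet captures without VLAN tags are handled (no pcapng).

```python
import struct

def build_sample_pcap():
    """Constructed sample: one Ethernet/IPv4/TCP packet carrying b'hello' (not real traffic)."""
    payload = b"hello"
    eth = bytes(12) + b"\x08\x00"                      # zeroed MACs, EtherType IPv4
    tcp = struct.pack("!HHIIBBHHH", 40000, 5060, 1, 0, 5 << 4, 0x18, 1024, 0, 0)
    ip = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 20 + len(tcp) + len(payload), 0, 0, 64, 6, 0,
                     bytes([192, 0, 2, 1]), bytes([192, 0, 2, 2]))  # checksums left at 0
    frame = eth + ip + tcp + payload
    global_hdr = struct.pack("<IHHiIII", 0xA1B2C3D4, 2, 4, 0, 0, 65535, 1)  # linktype 1 = Ethernet
    record_hdr = struct.pack("<IIII", 1700000000, 0, len(frame), len(frame))
    return global_hdr + record_hdr + frame

def read_pcap(data):
    """Yield (timestamp, frame) for each record of a classic PCAP file."""
    # The magic number tells us the byte order the capturing host used.
    endian = {b"\xd4\xc3\xb2\xa1": "<", b"\xa1\xb2\xc3\xd4": ">"}.get(data[:4])
    if endian is None or len(data) < 24:
        raise ValueError("not a classic microsecond PCAP file")
    if struct.unpack(endian + "I", data[20:24])[0] != 1:
        raise ValueError("only Ethernet (linktype 1) captures are handled")
    offset = 24
    while offset + 16 <= len(data):
        ts_sec, ts_usec, incl_len, _orig_len = struct.unpack(endian + "IIII", data[offset:offset + 16])
        frame = data[offset + 16:offset + 16 + incl_len]
        if len(frame) < incl_len:
            raise ValueError("truncated packet record")
        offset += 16 + incl_len
        yield ts_sec + ts_usec / 1e6, frame

def parse_tcp(frame):
    """Split an Ethernet/IPv4/TCP frame into metadata and payload; None for anything else."""
    if len(frame) < 34 or frame[12:14] != b"\x08\x00" or frame[14] >> 4 != 4 or frame[23] != 6:
        return None
    ihl = (frame[14] & 0x0F) * 4                       # IPv4 header length in bytes
    total_len = struct.unpack("!H", frame[16:18])[0]   # excludes any Ethernet padding
    tcp = frame[14 + ihl:14 + total_len]
    if ihl < 20 or len(tcp) < 20:
        return None
    sport, dport, seq, ack, off, flags = struct.unpack("!HHIIBB", tcp[:14])
    return {"src": ".".join(map(str, frame[26:30])), "dst": ".".join(map(str, frame[30:34])),
            "sport": sport, "dport": dport, "seq": seq, "flags": flags,
            "payload": tcp[(off >> 4) * 4:]}           # data offset skips TCP options

def summarize(data):
    """Return one dict per TCP packet in the capture, with its timestamp added."""
    return [dict(meta, ts=ts) for ts, frame in read_pcap(data) if (meta := parse_tcp(frame))]

if __name__ == "__main__":
    for pkt in summarize(build_sample_pcap()):
        print(pkt)
```

To try it on a real capture, pass the bytes of a file written with `tcpdump -w` to `summarize()`.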
Today I received my first dose of the Pfizer COVID-19 vaccine. So far the only side-effect is a little stiffness/soreness in my arm near the injection site. I might also be suffering from some additional tiredness/fatigue but it's hard to tell since lately "tired" is part of my normal state. In a few weeks I am already scheduled to get the second dose. I expect I will see a more severe reaction then, based on the experiences of other people I know who have received their second dose.
Hopefully I get some time to work with the security tooling I wanted to look at last week.