Documentation #7220

Updated by Juliana Fajardini Reichow 4 months ago

+Our Userguide currently has+ -We have- a +mention to an out-of-date+ -useful short- guide on +[[Sniffing_Packets_with_Wireshark]].+

+While that is useful,+ -[[Sniffing packets with Wireshark]], but- it +has some instructions that are not recommended in terms of security best practices+ -might be-
+(running as @sudo@. We also understand that there are early steps that need coverage+ -outdated,- and +are not tied+ -should be moved- to +Wireshark.+

+Therefore, we need a guide to explain how to use @ip@ and @tcpdump@ to know which interface card the user system is+ -Suricata forum's Guides category, where this sort of-
+using for network traffic, as well as how to do packet sniffing etc.+ -documentation now lives: https://forum.suricata.io/c/guides/12-

This task +covers:+ -consists of:-
- checking the current https://redmine.openinfosecfoundation.org/projects/suricata/wiki/Sniffing_Packets_with_Wireshark page to see if it needs updating
- updating as needed
- creating a Forum post -with same name- under +the+ Guides category (https://forum.suricata.io/c/guides/12) and posting it, respecting formatting +etc., on the topics discussed above+ -etc-
- updating our Userguide to point to +this new guide, instead+ -the updated version- of +to the Sniffing Packets with Wireshark one:+ -Sniffing... guide:- https://docs.suricata.io/en/latest/performance/packet-profiling.html#packet-profiling
