Auditoría de red basada en captura pasiva de tráfico

Abstract

This project aims to achieve various objectives. The first of them is to guide the user into finding and solving problems that the network administrator might have encountered in the network and also into analyzing a trace. This project will teach the reader how to use available state of the art network monitoring tools. And finally, it will show a tool to review the TCP windows sequences of one or several TCP connections. In the case of trace analysis, this will be illustrated with some of the typical cases that can happen as, for example: slow web browsing, IP spoofing, duplicated IP packets, problems with the Citrix service, etc. This guide explains the steps that you should check in order to detect what the problem is, using public/private currently available tools. In relation to the design of a graph of the TCP connection, we will show the available tools and we will see that they do not have the required functionalities. We will therefore develop a new tool, step by step in order to obtain a basic tool which will give us the result we need