NetworkMiner is a network forensics tool developed primarily for Windows, but it also runs fine on other operating systems with the help of the Mono framework. This guide shows how to install NetworkMiner on three Linux distributions (Ubuntu, Fedora and Arch Linux).
STEP 1: Install Mono
Ubuntu (also other Debian based distros like Xubuntu and Kali Linux)
sudo apt-get install libmono-winforms2.0-cil
Fedora (credit: Renegade0x6)
sudo yum install -y mono-core
sudo yum -y install mono-basic mono-winforms expect
Arch Linux (credit: Tyler Fisher)
sudo pacman -Sy mono
STEP 2: Install NetworkMiner
wget "www.netresec.com/?download=NetworkMiner" -O /tmp/nm.zip   # quoted so the shell does not glob the "?"
sudo unzip /tmp/nm.zip -d /opt/
cd /opt/NetworkMiner*   # the zip unpacks into a directory named after the version
sudo chmod +x NetworkMiner.exe
sudo chmod -R go+w AssembledFiles/   # NetworkMiner writes extracted files here
sudo chmod -R go+w Captures/          # and saves PCAP files here
STEP 3: Run NetworkMiner
Start NetworkMiner.exe with the Mono runtime from the directory it was unpacked into, so that the relative AssembledFiles/ and Captures/ paths resolve.
NetworkMiner 1.2 running under Ubuntu Linux, with “day12-1.dmp” from the M57-Patents Scenario loaded.
Live sniffing with NetworkMiner
Please note that the ability to capture packets (a.k.a. sniff traffic) with NetworkMiner is only available on Windows. NetworkMiner is, however, not really designed for packet capturing; it is primarily a tool for parsing and analyzing PCAP files containing previously captured traffic. On Linux, capture with a dedicated sniffer such as tcpdump and open the resulting PCAP file in NetworkMiner.
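The three steps above, plus the capture-elsewhere-then-analyze workflow from the sniffing note, as one script. This is an added example and not code from the original post: the distro detection via /etc/os-release, the https form of the download URL, the assumption that the zip unpacks into /opt/NetworkMiner*, and the tcpdump helper all go beyond what the post states; the Mono package names and the chmod calls are the ones given above.

```shell
#!/bin/sh
# Added example, not code from the Netresec post: steps 1 to 3 above as one
# script, plus a tcpdump helper for the "no sniffing on Linux" caveat.
# Assumed: distro detection via /etc/os-release, the https form of the
# download URL, and that the zip unpacks into /opt/NetworkMiner*.
set -eu

NM_URL="https://www.netresec.com/?download=NetworkMiner"
NM_PREFIX="${NM_PREFIX:-/opt}"

# Print the Mono install command for the distro named in an os-release file.
# ID_LIKE covers derivatives: Kali has ID=kali, ID_LIKE=debian; Xubuntu is
# ID=ubuntu. The package names are the ones the post gives per distro.
mono_install_cmd() {
    os_release="${1:-/etc/os-release}"
    ids=$(. "$os_release" && printf ' %s %s ' "${ID:-}" "${ID_LIKE:-}")
    case "$ids" in
        *" ubuntu "*|*" debian "*) echo "apt-get install -y libmono-winforms2.0-cil" ;;
        *" fedora "*) echo "yum install -y mono-core mono-basic mono-winforms expect" ;;
        *" arch "*) echo "pacman -Sy --noconfirm mono" ;;
        *) echo "no Mono recipe for the distro in $os_release" >&2; return 1 ;;
    esac
}

# Make the unpacked tree usable by an ordinary user, as the post's chmod
# lines do: the exe must be executable, and AssembledFiles/ and Captures/
# must be writable since NetworkMiner extracts files into the first and
# saves PCAPs into the second. $2 is an optional command prefix ("sudo"
# for a root-owned /opt, empty for a directory you already own).
fix_permissions() {
    nm_dir="$1"; as_root="${2:-}"
    $as_root chmod +x "$nm_dir/NetworkMiner.exe"
    $as_root chmod -R go+w "$nm_dir/AssembledFiles" "$nm_dir/Captures"
}

# Steps 1 to 3 end to end; needs network access and sudo.
install_networkminer() {
    cmd=$(mono_install_cmd)
    sudo $cmd                       # word splitting of $cmd is intended
    wget "$NM_URL" -O /tmp/nm.zip
    sudo unzip -o /tmp/nm.zip -d "$NM_PREFIX"
    nm_dir=$(ls -d "$NM_PREFIX"/NetworkMiner* 2>/dev/null | head -n 1)
    [ -n "$nm_dir" ] || { echo "no $NM_PREFIX/NetworkMiner* after unzip" >&2; return 1; }
    fix_permissions "$nm_dir" sudo
    echo "installed in $nm_dir"
    echo "run it with: cd $nm_dir && mono NetworkMiner.exe"
}

# NetworkMiner cannot sniff on Linux, so capture with tcpdump into Captures/
# and open the resulting file in NetworkMiner afterwards.
capture_pcap() {
    nm_dir="$1"; iface="$2"; count="${3:-1000}"
    out="$nm_dir/Captures/$(date +%Y%m%d-%H%M%S).pcap"
    sudo tcpdump -i "$iface" -c "$count" -w "$out"
    echo "$out"
}

# Usage: sh nm-linux.sh install
#        sh nm-linux.sh capture <nm_dir> eth0 [packet_count]
case "${1:-}" in
    install) install_networkminer ;;
    capture) capture_pcap "$2" "$3" "${4:-1000}" ;;
esac
```

The distro check keys on ID and ID_LIKE rather than on which package manager binary happens to exist, so a Debian derivative like Kali gets the apt recipe even if yum is also installed. The permission fix is separated from the install so it can be re-run (without sudo) on a copy of NetworkMiner unpacked into a directory you own.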
Posted by Erik Hjelmvik on Saturday, 01 February 2014 20:45:00 (UTC/GMT)