This series of blog posts is intended more as a 'note to self' on some interesting things I've run across while analyzing network traffic. The series will focus primarily on information observable in broadcast and multicast traffic, which doesn't require any special tools or techniques to collect. Simply connect to the network and start listening.
In most cases, the only items required to follow along will be a computer and Wireshark (https://www.wireshark.org/). Included with Wireshark is a command-line tool (tshark) which allows for scripting and automation of analysis.
I'll be using OSX, but where possible I'll include instructions for other operating systems.