Mastering Wireshark
eBook - ePub

  1. 308 pages
  2. English
  3. ePUB (mobile friendly)
  4. Available on iOS & Android

About This Book

Analyze data network like a professional by mastering Wireshark - From 0 to 1337

  • Master Wireshark and use it as your network sniffer
  • Impress your peers and get yourself recognized as a network doctor
  • Understand Wireshark and its numerous features with the aid of this fast-paced book, packed with screenshots, and become a pro at resolving network anomalies

Who This Book Is For

Are you curious to know what's going on in a network? Do you get frustrated when you are unable to detect the cause of problems in your networks? This is where the book comes into play.

Mastering Wireshark is for developers and network enthusiasts who are interested in understanding the internal workings of networks and have prior experience using Wireshark, but are not yet aware of all of its functionality.

What You Will Learn

  • Install Wireshark and understand its GUI and all of its functionality
  • Create and use different capture and display filters
  • Analyze the different layers of network protocols and know how many packets flow through the network
  • Decrypt encrypted wireless traffic
  • Use Wireshark as a diagnostic tool and for network security analysis, to keep track of malware
  • Troubleshoot network anomalies with the help of Wireshark
  • Resolve latency and bottleneck issues in the network

In Detail

Wireshark is a popular and powerful tool used to analyze the bits and bytes flowing through a network. Wireshark deals with layers two through seven of the network protocol stack, and presents its analysis in a human-readable form.

Mastering Wireshark will help you raise your knowledge to an expert level. At the start of the book, you will be taught how to install Wireshark and will be introduced to its interface so that you understand all of its functionality. Moving forward, you will discover different ways to create and use capture and display filters. Halfway through the book, you will be mastering the features of Wireshark, analyzing the different layers of the network protocol stack and looking for anomalies. As you reach the end of the book, you will be taught how to use Wireshark for network security analysis and how to configure it for troubleshooting purposes.

Style and approach

Every chapter in this book is explained in an easy-to-follow way, accompanied by real-life examples and screenshots of the interface, making it easy for you to become an expert at using Wireshark.


Information

Year: 2016
ISBN: 9781783989522
Edition: 1

Mastering Wireshark


Table of Contents

Mastering Wireshark
Credits
About the Author
About the Reviewer
www.PacktPub.com
eBooks, discount offers, and more
Why subscribe?
Preface
What this book covers
What you need for this book
Who this book is for
Conventions
Reader feedback
Customer support
Downloading the color images of this book
Errata
Piracy
Questions
1. Welcome to the World of Packet Analysis with Wireshark
Introduction to Wireshark
A brief overview of the TCP/IP model
The layers in the TCP/IP model
An introduction to packet analysis with Wireshark
How to do packet analysis
What is Wireshark?
How it works
Capturing methodologies
Hub-based networks
The switched environment
ARP poisoning
Passing through routers
Why use Wireshark?
The Wireshark GUI
The installation process
Starting our first capture
Summary
Practice questions
2. Filtering Our Way in Wireshark
An introduction to filters
Capture filters
Why use capture filters
How to use capture filters
An example capture filter
Capture filters that use protocol header values
Display filters
Retaining filters for later use
Searching for packets using the Find dialog
Colorize traffic
Create new Wireshark profiles
Summary
Practice questions
3. Mastering the Advanced Features of Wireshark
The Statistics menu
Using the Statistics menu
Protocol Hierarchy
Conversations
Endpoints
Working with IO, Flow, and TCP stream graphs
IO graphs
Flow graphs
TCP stream graphs
Round-trip time graphs
Throughput graphs
The Time-sequence graph (tcptrace)
Follow TCP streams
Expert Infos
Command Line-fu
Summary
Exercise
4. Inspecting Application Layer Protocols
Domain name system
Dissecting a DNS packet
Dissecting DNS query/response
Unusual DNS traffic
File transfer protocol
Dissecting FTP communications
Passive mode
Active mode
Dissecting FTP packets
Unusual FTP
Hyper Text Transfer Protocol
How it works – request/response
Request
Response
Unusual HTTP traffic
Simple Mail Transfer Protocol
Usual versus unusual SMTP traffic
Session Initiation Protocol and Voice Over Internet Protocol
Analyzing VOIP traffic
Reassembling packets for playback
Unusual traffic patterns
Decrypting encrypted traffic (SSL/TLS)
Summary
Practice questions
5. Analyzing Transport Layer Protocols
The transmission control protocol
Understanding the TCP header and its various flags
How TCP communicates
How it works
Graceful termination
RST (reset) packets
Relative versus Absolute numbers
Unusual TCP traffic
How to check for different analysis flags in Wireshark
The User Datagram Protocol
A UDP header
How it works
The DHCP
The TFTP
Unusual UDP traffic
Summary
Practice questions
6. Analyzing Traffic in Thin Air
Understanding IEEE 802.11
Various modes in wireless communications
Wireless interference and strength
The IEEE 802.11 packet structure
RTS/CTS
Usual and unusual WEP – open/shared key communication
WEP-open key
The shared key
WPA-Personal
WPA-Enterprise
Decrypting WEP and WPA traffic
Summary
Practice questions
7. Network Security Analysis
Information gathering
PING sweep
Half-open scan (SYN)
OS fingerprinting
ARP poisoning
Analyzing brute force attacks
Inspecting malicious traffic
Solving real-world CTF challenges
Summary
Practice questions
8. Troubleshooting
Recovery features
The flow control mechanism
Troubleshooting slow Internet and network latencies
Client- and server-side latencies
Troubleshooting bottleneck issues
Troubleshooting application-based issues
Summary
Practice questions
9. Introduction to Wireshark v2
The intelligent scroll bar
Translation
Graph improvements
TCP streams
USBPcap
Summary
Practice questions
Index

Mastering Wireshark

Copyright © 2016 Packt Publishing
All rights reserved. No part of this book may be reproduced, stored in a retrieval system, or transmitted in any form or by any means, without the prior written permission of the publisher, except in the case of brief quotations embedded in critical articles or reviews.
Every effort has been made in the preparation of this book to ensure the accuracy of the information presented. However, the information contained in this book is sold without warranty, either express or implied. Neither the author nor Packt Publishing, and its dealers and distributors will be held liable for any damages caused or alleged to be caused directly or indirectly by this book.
Packt Publishing has endeavored to provide trademark information about all of the companies and products mentioned in this book by the appropriate use of capitals. However, Packt Publishing cannot guarantee the accuracy of this information.
First published: March 2016
Production reference: 1210316
Published by Packt Publishing Ltd.
Livery Place
35 Livery Street
Birmingham B3 2PB, UK.
ISBN 978-1-78398-952-2
www.packtpub.com

Credits

Author: Charit Mishra
Reviewer: Anish Nath
Commissioning Editor: Kunal Parikh
Acquisition Editor: Kevin Colaco
Content Development Editor: Onkar Wani
Technical Editor: Pranjali Mistry
Copy Editor: Neha Vyas
Project Coordinator: Bijal Patel
Proofreader: Safis Editing
Indexer: Rekha Nair
Production Coordinator: Manu Joseph
Cover Work: Manu Joseph

About the Author

Charit Mishra works as a consultant and pentester at Protiviti, one of the top global consulting firms. He enjoys his job, which involves helping clients identify security vulnerabilities, more than anything. With real hands-on experience in security, he has obtained leading industry certifications such as OSCP, CEH, CompTIA Security+, and CCNA R&S. He also holds a master's degree in computer science. He has delivered professional talks at various institutions and private organizations on information security and penetration testing. You can reach him on LinkedIn at https://ae.linkedin.com/in/charitmishra and on Twitter at @charit0819.
