Mastering Wireshark

 
 
Packt Publishing Limited
  • 1st edition
  • published 30 March 2016
  • 308 pages
 
E-book | ePUB with Adobe DRM | System requirements
978-1-78398-953-9 (ISBN)
 
Analyze data network like a professional by mastering Wireshark - From 0 to 1337

About This Book
  • Master Wireshark and train it as your network sniffer
  • Impress your peers and get yourself pronounced as a network doctor
  • Understand Wireshark and its numerous features with the aid of this fast-paced book packed with numerous screenshots, and become a pro at resolving network anomalies

Who This Book Is For
Are you curious to know what's going on in a network? Do you get frustrated when you are unable to detect the cause of problems in your networks? This is where the book comes into play.

Mastering Wireshark is for developers or network enthusiasts who are interested in understanding the internal workings of networks and have prior knowledge of using Wireshark, but are not aware about all of its functionalities.

What You Will Learn
  • Install Wireshark and understand its GUI and all the functionalities of it
  • Create and use different filters
  • Analyze different layers of network protocols and know the amount of packets that flow through the network
  • Decrypt encrypted wireless traffic
  • Use Wireshark as a diagnostic tool and also for network security analysis to keep track of malware
  • Troubleshoot all the network anomalies with help of Wireshark
  • Resolve latencies and bottleneck issues in the network

In Detail
Wireshark is a popular and powerful tool used to analyze the amount of bits and bytes that are flowing through a network. Wireshark deals with the second to seventh layer of network protocols, and the analysis made is presented in a human readable form.

Mastering Wireshark will help you raise your knowledge to an expert level. At the start of the book, you will be taught how to install Wireshark, and will be introduced to its interface so you understand all its functionalities. Moving forward, you will discover different ways to create and use capture and display filters. Halfway through the book, you'll be mastering the features of Wireshark, analyzing different layers of the network protocol, looking for any anomalies. As you reach to the end of the book, you will be taught how to use Wireshark for network security analysis and configure it for troubleshooting purposes.

Style and approach
Every chapter in this book is explained to you in an easy way accompanied by real-life examples and screenshots of the interface, making it easy for you to become an expert at using Wireshark.
  • English
  • Birmingham
  • United Kingdom
978-1-78398-953-9 (9781783989539)
178398953X (178398953X)
Charit Mishra works as a consultant and pentester at Protiviti, one of the top global consulting firms. He enjoys his job, which involves helping clients identify security vulnerabilities, more than anything. With real hands-on experience in security, he has obtained leading industry certifications such as OSCP, CEH, CompTIA Security+, and CCNA R&S. He also holds a master's degree in computer science. He has delivered professional talks at various institutions and private organizations on information security and penetration testing. You can reach him at LinkedIn at https://ae.linkedin.com/in/charitmishra, and on Twitter at @charit0819.
  • Cover
  • Copyright
  • Credits
  • About the Author
  • About the Reviewer
  • www.PacktPub.com
  • Table of Contents
  • Preface
  • Chapter 1: Welcome to the World of Packet Analysis with Wireshark
  • Introduction to Wireshark
  • A brief overview of the TCP/IP model
  • The layers in the TCP/IP model
  • An introduction to packet analysis with Wireshark
  • How to do packet analysis
  • What is Wireshark?
  • How it works
  • Capturing methodologies
  • Hub-based networks
  • The switched environment
  • ARP poisoning
  • Passing through routers
  • Why use Wireshark?
  • The Wireshark GUI
  • The installation process
  • Starting our first capture
  • Summary
  • Practice questions
  • Chapter 2: Filtering Our Way in Wireshark
  • An introduction to filters
  • Capture filters
  • Why use capture filters
  • How to use capture filters
  • An example capture filter
  • Capture filters that use protocol header values
  • Display filters
  • Retaining filters for later use
  • Searching for packets using the Find dialog
  • Colorize traffic
  • Create new Wireshark profiles
  • Summary
  • Practice questions
  • Chapter 3: Mastering the Advanced Features of Wireshark
  • The Statistics menu
  • Using the Statistics menu
  • Protocol Hierarchy
  • Conversations
  • Endpoints
  • Working with IO, Flow, and TCP stream graphs
  • IO graphs
  • Flow graphs
  • TCP stream graphs
  • Round-trip time graphs
  • Throughput graphs
  • The Time-sequence graph (tcptrace)
  • Follow TCP streams
  • Expert Infos
  • Command Line-fu
  • Summary
  • Exercise
  • Chapter 4: Inspecting Application Layer Protocols
  • Domain name system
  • Dissecting a DNS packet
  • Dissecting DNS query/response
  • Unusual DNS traffic
  • File transfer protocol
  • Dissecting FTP communications
  • Passive mode
  • Active mode
  • Dissecting FTP packets
  • Unusual FTP
  • Hyper Text Transfer Protocol
  • How it works - request/response
  • Request
  • Response
  • Unusual HTTP traffic
  • Simple Mail Transfer Protocol
  • Usual versus unusual SMTP traffic
  • Session Initiation Protocol and Voice Over Internet Protocol
  • Analyzing VOIP traffic
  • Reassembling packets for playback
  • Unusual traffic patterns
  • Decrypting encrypted traffic (SSL/TLS)
  • Summary
  • Practice questions:
  • Chapter 5: Analyzing Transport Layer Protocols
  • The transmission control protocol
  • Understanding the TCP header and its various flags
  • How TCP communicates
  • How it works
  • Graceful termination
  • RST (reset) packets
  • Relative versus Absolute numbers
  • Unusual TCP traffic
  • How to check for different analysis flags in Wireshark
  • The User Datagram Protocol
  • A UDP header
  • How it works
  • The DHCP
  • The TFTP
  • Unusual UDP traffic
  • Summary
  • Practice questions
  • Chapter 6: Analyzing Traffic in Thin Air
  • Understanding IEEE 802.11
  • Various modes in wireless communications
  • Wireless interference and strength
  • The IEEE 802.11 packet structure
  • RTS/CTS
  • Usual and unusual WEP - open/shared key communication
  • WEP-open key
  • The shared key
  • WPA-Personal
  • WPA-Enterprise
  • Decrypting WEP and WPA traffic
  • Summary
  • Practice questions
  • Chapter 7: Network Security Analysis
  • Information gathering
  • PING sweep
  • Half-open scan (SYN)
  • OS fingerprinting
  • ARP poisoning
  • Analyzing brute force attacks
  • Inspecting malicious traffic
  • Solving real-world CTF challenges
  • Summary
  • Practice questions
  • Chapter 8: Troubleshooting
  • Recovery features
  • The flow control mechanism
  • Troubleshooting slow Internet and network latencies
  • Client- and server-side latencies
  • Troubleshooting bottleneck issues
  • Troubleshooting application-based issues
  • Summary
  • Practice questions
  • Chapter 9: Introduction to Wireshark v2
  • The intelligent scroll bar
  • Translation
  • Graph improvements
  • TCP streams
  • USBPcap
  • Summary
  • Practice questions
  • Index

File format: EPUB
Copy protection: Adobe DRM (Digital Rights Management)

System requirements:

Computer (Windows; MacOS X; Linux): Install the free Adobe Digital Editions software before downloading (see E-book help).

Tablet/Smartphone (Android; iOS): Install the free Adobe Digital Editions app before downloading (see E-book help).

E-book reader: Bookeen, Kobo, Pocketbook, Sony, Tolino and many more (not Kindle)

The EPUB file format is very well suited to novels and non-fiction, that is, to "flowing" text without complex layout. On e-readers or smartphones, line and page breaks adapt automatically to the small displays. Adobe DRM is a "hard" form of copy protection. If the necessary requirements are not met, you will unfortunately not be able to open the e-book. You therefore need to prepare your reading hardware before downloading.

Further information is available in our E-book help.


Download (available immediately)

40,53 €
incl. 19% VAT
Download / single license
