Mastering Wireshark : analyze data network like a professional by mastering Wireshark - from 0 to 1337 / Charit Mishra.
- Format:
- Book
- Author/Creator:
- Mishra, Charit, author.
- Series:
- Community experience distilled.
- Language:
- English
- Subjects (All):
- Wireshark (computer file).
- Open source software.
- Physical Description:
- 1 online resource (308 p.)
- Edition:
- 1st edition
- Place of Publication:
- Birmingham : Packt Publishing, [2016]
- System Details:
- text file
- Summary:
- Analyze data network like a professional by mastering Wireshark - From 0 to 1337.
  About This Book: Master Wireshark and train it as your network sniffer; impress your peers and get yourself pronounced as a network doctor; understand Wireshark and its numerous features with the aid of this fast-paced book packed with numerous screenshots, and become a pro at resolving network anomalies.
  Who This Book Is For: Are you curious to know what's going on in a network? Do you get frustrated when you are unable to detect the cause of problems in your networks? This is where the book comes into play. Mastering Wireshark is for developers or network enthusiasts who are interested in understanding the internal workings of networks and have prior knowledge of using Wireshark, but are not aware of all of its functionalities.
  What You Will Learn: Install Wireshark and understand its GUI and all of its functionalities; create and use different filters; analyze different layers of network protocols and know the amount of packets that flow through the network; decrypt encrypted wireless traffic; use Wireshark as a diagnostic tool and also for network security analysis to keep track of malware; troubleshoot all the network anomalies with the help of Wireshark; resolve latencies and bottleneck issues in the network.
  In Detail: Wireshark is a popular and powerful tool used to analyze the amount of bits and bytes that are flowing through a network. Wireshark deals with the second to seventh layer of network protocols, and the analysis made is presented in a human-readable form. Mastering Wireshark will help you raise your knowledge to an expert level. At the start of the book, you will be taught how to install Wireshark, and will be introduced to its interface so you understand all its functionalities. Moving forward, you will discover different ways to create and use capture and display filters. Halfway through the book, you'll be mastering the features of Wireshark, analyzing different layers of the network protocol, looking for any anomalies. As you reach the end of the book, you will be taught how to use Wireshark for network security analysis and configure it for troubleshooting purposes.
  Style and approach: Every chapter in this book is explained to you in an easy way accompanied by real-life examples and screenshots of the interface, making it easy for you to become an expert at using Wireshark.
- Contents:
- Cover; Copyright; Credits; About the Author; About the Reviewer; www.PacktPub.com; Table of Contents; Preface; Chapter 1: Welcome to the World of Packet Analysis with Wireshark; Introduction to Wireshark; A brief overview of the TCP/IP model; The layers in the TCP/IP model; An introduction to packet analysis with Wireshark; How to do packet analysis; What is Wireshark?; How it works; Capturing methodologies; Hub-based networks; The switched environment; ARP poisoning; Passing through routers; Why use Wireshark?; The Wireshark GUI; The installation process; Starting our first capture
- Summary; Practice questions; Chapter 2: Filtering Our Way in Wireshark; An introduction to filters; Capture filters; Why use capture filters; How to use capture filters; An example capture filter; Capture filters that use protocol header values; Display filters; Retaining filters for later use; Searching for packets using the Find dialog; Colorize traffic; Create new Wireshark profiles; Summary; Practice questions; Chapter 3: Mastering the Advanced Features of Wireshark; The Statistics menu; Using the Statistics menu; Protocol Hierarchy; Conversations; Endpoints
- Working with IO, Flow, and TCP stream graphs; IO graphs; Flow graphs; TCP stream graphs; Round-trip time graphs; Throughput graphs; The Time-sequence graph (tcptrace); Follow TCP streams; Expert Infos; Command Line-fu; Summary; Exercise; Chapter 4: Inspecting Application Layer Protocols; Domain name system; Dissecting a DNS packet; Dissecting DNS query/response; Unusual DNS traffic; File transfer protocol; Dissecting FTP communications; Passive mode; Active mode; Dissecting FTP packets; Unusual FTP; Hyper Text Transfer Protocol; How it works - request/response; Request; Response
- Unusual HTTP traffic; Simple Mail Transfer Protocol; Usual versus unusual SMTP traffic; Session Initiation Protocol and Voice Over Internet Protocol; Analyzing VOIP traffic; Reassembling packets for playback; Unusual traffic patterns; Decrypting encrypted traffic (SSL/TLS); Summary; Practice questions; Chapter 5: Analyzing Transport Layer Protocols; The transmission control protocol; Understanding the TCP header and its various flags; How TCP communicates; How it works; Graceful termination; RST (reset) packets; Relative versus Absolute numbers; Unusual TCP traffic
- How to check for different analysis flags in Wireshark; The User Datagram Protocol; A UDP header; How it works; The DHCP; The TFTP; Unusual UDP traffic; Summary; Practice questions; Chapter 6: Analyzing Traffic in Thin Air; Understanding IEEE 802.11; Various modes in wireless communications; Wireless interference and strength; The IEEE 802.11 packet structure; RTS/CTS; Usual and unusual WEP - open/shared key communication; WEP-open key; The shared key; WPA-Personal; WPA-Enterprise; Decrypting WEP and WPA traffic; Summary; Practice questions; Chapter 7: Network Security Analysis
- Information gathering
- Notes:
- Includes index.
- Description based on online resource; title from PDF title page (ebrary, viewed July 1, 2016).
- ISBN:
- 9781783989539
- 178398953X
- OCLC:
- 946526530