Book Image

Mastering Wireshark

Book Image

Mastering Wireshark

Overview of this book

Wireshark is a popular and powerful tool used to analyze the amount of bits and bytes that are flowing through a network. Wireshark deals with the second to seventh layer of network protocols, and the analysis made is presented in a human readable form. Mastering Wireshark will help you raise your knowledge to an expert level. At the start of the book, you will be taught how to install Wireshark, and will be introduced to its interface so you understand all its functionalities. Moving forward, you will discover different ways to create and use capture and display filters. Halfway through the book, you’ll be mastering the features of Wireshark, analyzing different layers of the network protocol, looking for any anomalies. As you reach to the end of the book, you will be taught how to use Wireshark for network security analysis and configure it for troubleshooting purposes.
Table of Contents (16 chapters)
Mastering Wireshark
About the Author
About the Reviewer


Q.1. What is the purpose of the Statistics menu and what tools does it contain?

Q.2. Using the Conversations dialog, can you figure out the busiest host on the network? If yes, how?

Q.3. Think of a scenario where using the Endpoints window can be useful.

Q.4. Is it possible to create a display filter using the Endpoints window?

Q.5. Switch the name resolution feature off while viewing the conversations window. What difference does it make if it is switched on?

Q.6. Can using the Summary option from an already saved capture file help you figure out the total number of ignored packets after you apply a display filter?

Q.7. Describe the benefits of using different graphing techniques while analyzing data.

Q.8. Using an IO graph, create a filter to plot the DNS traffic in a green line.

Q.9. Create an IO graph and show UDP traffic in red along with general TCP traffic. Then, change the y axis unit to per bytes.

Q.10. Create a display filter for FTP packets, and apply the same in a Flow graph...