Book Image

Mastering Wireshark

Book Image

Mastering Wireshark

Overview of this book

Wireshark is a popular and powerful tool used to analyze the amount of bits and bytes that are flowing through a network. Wireshark deals with the second to seventh layer of network protocols, and the analysis made is presented in a human readable form. Mastering Wireshark will help you raise your knowledge to an expert level. At the start of the book, you will be taught how to install Wireshark, and will be introduced to its interface so you understand all its functionalities. Moving forward, you will discover different ways to create and use capture and display filters. Halfway through the book, you’ll be mastering the features of Wireshark, analyzing different layers of the network protocol, looking for any anomalies. As you reach to the end of the book, you will be taught how to use Wireshark for network security analysis and configure it for troubleshooting purposes.
Table of Contents (16 chapters)
Mastering Wireshark
About the Author
About the Reviewer

Chapter 6. Analyzing Traffic in Thin Air

In this chapter, you will learn how to analyze wireless traffic and pinpoint any problems. You will also learn how to analyze wireless traffic using Wireshark. The following are the topics we will cover in this chapter:

  • Understanding IEEE 802.11 traffic

  • Analyzing normal and unusual behavior

  • Lab up—wireless communication

  • Decrypting encrypted wireless traffic

  • Lab up—decrypting WEP and WPA traffic

  • Practice questions

We start from the basics such as how WLAN traffic gets generated and various essential elements responsible for handling the wireless transmission between hosts. Then, moving ahead, we will analyze the usual and unusual forms of packets that can be seen in Wireshark. Side by side, we will identify anomalies and regular traffic patterns. We will also discuss how you can decrypt wireless (WEP) traffic using Wireshark, which can definitely give an advantage while auditing WLAN environment.

What we are going to witness is not much different from the...