Book Image

Packet Analysis with Wireshark

By : ANISH NATH
Book Image

Packet Analysis with Wireshark

By: ANISH NATH

Overview of this book

Related Content you might be interested in

Current Title:

Small book image
Packet Analysis with Wireshark
ANISH NATH
Dec, 2015 | 172 pages
Small book image
Mastering Linux Administration
Alexandru Calcatinge | Julian Balog
Mar, 2024 | 764 pages
Small book image
Linux for System Administrators
Viorel Rudareanu | Daniil Baturin
Sep, 2023 | 294 pages
Small book image
Mastering Linux Administration
Alexandru Calcatinge | Julian Balog
Jun, 2021 | 772 pages
Table of Contents (14 chapters)
Packet Analysis with Wireshark
Packet Analysis with Wireshark
Credits
Credits
About the Author
About the Author
About the Reviewers
About the Reviewers
www.PacktPub.com
www.PacktPub.com
Preface
Preface
Free Chapter
1
Packet Analyzers
Packet Analyzers
Uses for packet analyzers
Introducing Wireshark
Other packet analyzer tools
Summary
2
Capturing Packets
Capturing Packets
Guide to capturing packets
Troubleshooting
Wireshark user interface
Wireshark features
Tcpdump and snoop
References
Summary
3
Analyzing the TCP Network
Analyzing the TCP Network
Recapping TCP
TCP connection establishment and clearing
TCP data communication
TCP close sequence
Lab exercise
TCP troubleshooting
TCP latency issues
Wireshark TCP sequence analysis
References
Summary
4
Analyzing SSL/TLS
Analyzing SSL/TLS
An introduction to SSL/TLS
The SSL/TLS handshake
Key exchange
Decrypting SSL/TLS
Debugging issues
Summary
5
Analyzing Application Layer Protocols
Analyzing Application Layer Protocols
DHCPv6
BOOTP/DHCP
DNS
HTTP
References
Summary
6
WLAN Capturing
WLAN Capturing
WLAN capture setup
Analyzing the Wi-Fi networks
Wi-Fi sniffing products
Summary
7
Security Analysis
Security Analysis
Heartbleed bug
The DOS attack
Scanning
ARP duplicate IP detection
DrDoS
BitTorrent
Wireshark protocol hierarchy
Summary
Index
Index

Key exchange

In the next section, we will talk about how the SSL/TLS channel can be decrypted; before that, we need to understand what the different keys exchange methods are and what their cipher suites look like. These are the following key exchange methods.

The Diffie-Hellman key exchange

This protocol allows two users to exchange a secret key over an insecure medium without any prior secrets; in this scheme, the example cipher suites will have a naming convention such as:

  • SSL_DH_RSA_WITH_DES_CBC_SHA

  • SSL_DH_RSA_WITH_3DES_EDE_CBC_SHA

Cipher suites will have "DH" in their name, not "DHE" or "DH_anon".

Note

You can learn more about Diffie-Hellman at: https://en.wikipedia.org/wiki/Diffie-Hellman_key_exchange.

Elliptic curve Diffie-Hellman key exchange

Elliptic curve Diffie-Hellman is a modified Diffie-Hellman exchange that uses elliptic curve cryptography instead of the traditional RSA-style large primes. Elliptic curve cryptography (ECC) is a public-key cryptosystem just like RSA, Rabin, and El...

Previous Section
End of Section 4
Next Section