Book Image

Mastering Wireshark 2

By : Andrew Crouthamel
Book Image

Mastering Wireshark 2

By: Andrew Crouthamel

Overview of this book

Wireshark, a combination of a Linux distro (Kali) and an open source security framework (Metasploit), is a popular and powerful tool. Wireshark is mainly used to analyze the bits and bytes that flow through a network. It efficiently deals with the second to the seventh layer of network protocols, and the analysis made is presented in a form that can be easily read by people. Mastering Wireshark 2 helps you gain expertise in securing your network. We start with installing and setting up Wireshark2.0, and then explore its interface in order to understand all of its functionalities. As you progress through the chapters, you will discover different ways to create, use, capture, and display filters. By halfway through the book, you will have mastered Wireshark features, analyzed different layers of the network protocol, and searched for anomalies. You’ll learn about plugins and APIs in depth. Finally, the book focuses on pocket analysis for security tasks, command-line utilities, and tools that manage trace files. By the end of the book, you'll have learned how to use Wireshark for network security analysis and configured it for troubleshooting purposes.

Related Content you might be interested in

Current Title:

Small book image
Mastering Wireshark 2
Andrew Crouthamel
May, 2018 | 326 pages
Small book image
Learn Wireshark - Fundamentals of Wireshark
Lisa Bock
Aug, 2019 | 432 pages
Small book image
Wireshark 2 Quick Start Guide
Charit Mishra
Jun, 2018 | 164 pages
Small book image
Learn Wireshark
Lisa Bock
Aug, 2022 | 606 pages
Table of Contents (18 chapters)
Title Page
Title Page
Copyright and Credits
Copyright and Credits
Packt Upsell
Packt Upsell
Contributor
Contributor
Preface
Preface
Free Chapter
1
Installing Wireshark 2
Installing Wireshark 2
Installation and setup
Summary
2
Getting Started with Wireshark
Getting Started with Wireshark
What's new in Wireshark 2?
Capturing traffic
Saving and exporting packets
Annotating and printing packets
Remote capture setup
Remote capture usage
Summary
3
Filtering Traffic
Filtering Traffic
Berkeley Packet Filter (BPF) syntax
Capturing filters
Displaying filters
Following streams
Advanced filtering
Summary
4
Customizing Wireshark
Customizing Wireshark
Preferences
Profiles
Colorizing traffic
Summary
5
Statistics
Statistics
TCP/IP overview
Time values and summaries
Trace file statistics
Expert system usage
Summary
6
Introductory Analysis
Introductory Analysis
DNS analysis
ARP analysis
IPv4 and IPv6 analysis
ICMP analysis
Summary
7
Network Protocol Analysis
Network Protocol Analysis
UDP analysis
TCP analysis I
TCP analysis II
Graph I/O rates and TCP trends
Summary
8
Application Protocol Analysis I
Application Protocol Analysis I
DHCP analysis
HTTP analysis I
HTTP analysis II
FTP analysis
Summary
9
Application Protocol Analysis II
Application Protocol Analysis II
Email analysis
802.11 analysis
VoIP analysis
VoIP playback
Summary
10
Command-Line Tools
Command-Line Tools
Running Wireshark from a command line
Running tshark
Running tcpdump
Running dumpcap
Summary
11
A Troubleshooting Scenario
A Troubleshooting Scenario
Wireshark plugins
Determining where to capture
Capturing scenario traffic
Diagnosing scenario traffic
Summary
Other Books You May Enjoy
Other Books You May Enjoy
Leave a review - let other readers know what you think
Index
Index

Packt Upsell

mapt.io

Mapt is an online digital library that gives you full access to over 5,000 books and videos, as well as industry leading tools to help you plan your personal development and advance your career. For more information, please visit our website.

Why subscribe?

  • Spend less time learning and more time coding with practical eBooks and Videos from over 4,000 industry professionals

  • Improve your learning with Skill Plans built especially for you

  • Get a free eBook or video every month

  • Mapt is fully searchable

  • Copy and paste, print, and bookmark content

PacktPub.com

Did you know that Packt offers eBook versions of every book published, with PDF and ePub files available? You can upgrade to the eBook version at www.PacktPub.com and as a print book customer, you are entitled to a discount on the eBook copy. Get in touch with us at [email protected] for more details.

At www.PacktPub.com, you can also read a collection of free technical articles, sign up for a range of free newsletters, and receive exclusive discounts and offers on Packt books and eBooks.

 

Previous Section
Next Chapter