Book Image

Wireshark Revealed: Essential Skills for IT Professionals

By : James H Baxter, Yoram Orzach, Charit Mishra
Book Image

Wireshark Revealed: Essential Skills for IT Professionals

By: James H Baxter, Yoram Orzach, Charit Mishra

Overview of this book

This Learning Path starts off installing Wireshark, before gradually taking you through your first packet capture, identifying and filtering out just the packets of interest, and saving them to a new file for later analysis. You will then discover different ways to create and use capture and display filters. By halfway through the book, you'll be mastering Wireshark features, analyzing different layers of the network protocol, and looking for any anomalies.We then start Ethernet and LAN switching, through IP, and then move on to TCP/UDP with a focus on TCP performance problems. It also focuses on WLAN security. Then, we go through application behavior issues including HTTP, mail, DNS, and other common protocols. This book finishes with a look at network forensics and how to locate security problems that might harm the network.This course provides you with highly practical content explaining Metasploit from the following books: 1) Wireshark Essentials 2) Network Analysis Using Wireshark Cookbook 3) Mastering Wireshark
Table of Contents (5 chapters)

Chapter 8. ARP and IP Analysis

In this chapter we will cover the following issues:

  • Analyzing connectivity problems with ARP
  • Using IP traffic analysis tools
  • Using GeoIP to look up physical locations of the IP address
  • Finding fragmentation problems
  • Analyzing routing problems
  • Finding duplicate IPs
  • Analyzing DHCP problems


In this chapter we will learn how to analyze Layer 3 (IP) and Layer 3 to Layer 2 resolution (ARP). We will discuss the Internet Protocol (IP), Address Resolution Protocol (ARP), Dynamic Host Configuration Protocol (DHCP), routing issues and others, and the problems that you might face while troubleshooting these protocols.

We will start with presenting the protocol's normal behavior for the various protocols and continue with showing what can go wrong and how to solve it.

In general, when we analyze a network problem, we will go bottom up: if you cannot get connectivity, look for the problem in the following order:

  1. Layer 1: Check if the cable is connected and...