Wireshark 2 Quick Start Guide

Wireshark 2 Quick Start Guide

By : Charit Mishra

Buy this Book

Wireshark 2 Quick Start Guide

By: Charit Mishra

Buy this Book

Overview of this book

Wireshark is an open source protocol analyser, commonly used among the network and security professionals. Currently being developed and maintained by volunteer contributions of networking experts from all over the globe. Wireshark is mainly used to analyze network traffic, analyse network issues, analyse protocol behaviour, etc. - it lets you see what's going on in your network at a granular level. This book takes you from the basics of the Wireshark environment to detecting and resolving network anomalies. This book will start from the basics of setting up your Wireshark environment and will walk you through the fundamentals of networking and packet analysis. As you make your way through the chapters, you will discover different ways to analyse network traffic through creation and usage of filters and statistical features. You will look at network security packet analysis, command-line utilities, and other advanced tools that will come in handy when working with day-to-day network operations. By the end of this book, you have enough skill with Wireshark 2 to overcome real-world network challenges.

Title Page

Packt Upsell

Contributors

Preface

Free Chapter

Installing Wireshark

Introduction to Wireshark

A brief overview of the TCP/IP model

The layers in the TCP/IP model

Summary

Introduction to Wireshark and Packet Analysis

What is Wireshark?

An introduction to packet analysis with Wireshark

Capturing methodologies

Summary

Filtering Our Way in Wireshark

Introducing filters

Capture filters

Create new Wireshark profiles

Summary

Analyzing Application Layer Protocols

Domain Name System (DNS)

File transfer protocol

Hypertext Transfer Protocol (HTTP)

Simple Mail Transfer Protocol (SMTP)

Summary

Analyzing the Transport Layer Protocols TCP/UDP

The transmission control protocol

The User Datagram Protocol

Summary

Network Security Packet Analysis

Information gathering

ARP poisoning

Analysing brute force attacks

Summary

Analyzing Traffic in Thin Air

Understanding IEEE 802.11

Usual and unusual wireless traffic

Decrypting wireless network traffic

Summary

Mastering the Advanced Features of Wireshark

The Statistics menu

Summary

Other Books You May Enjoy

Leave a review - let other readers know what you think

Index

Customer Reviews

5 star

4 star

3 star

2 star

1 star

Summary

The IEEE 802.11 standard works over radio frequencies for communication purposes. CSMA/CD facilitates the collision-free environment required for a high-performance wireless networks.

There are commonly three types of frames observed while doing wireless traffic analysis: management, control, and data frames. Management frames control the establishment of the connection, control frames manage the transmission of packets, and data frames consist of the actual data.

Enterprise authentication protocol (EAP) in LAN becomes EAPOL, which is used in 802.11 infrastructures (RADIUS/ AAA) for the exchange of master keys.

EAP is used to let the exchange of master keys take place. As defined in RFC 3748, EAP is an authentication framework that supports multiple kinds of authentication methods, and to execute EAP, you do not require an IP because it runs over a data-link layer.

Access points broadcast beacon frames that wireless clients listen for. Also, wireless clients may send a probe request...

Wireshark 2 Quick Start Guide

By : Charit Mishra

Wireshark 2 Quick Start Guide

By: Charit Mishra

Overview of this book

Related Content you might be interested in

Current Title:

Wireshark 2 Quick Start Guide

Mastering Wireshark 2

Network Analysis using Wireshark 2 Cookbook

Learn Wireshark - Fundamentals of Wireshark

Summary