Wireshark 2 Quick Start Guide

Wireshark 2 Quick Start Guide

By : Charit Mishra

Buy this Book

Wireshark 2 Quick Start Guide

By: Charit Mishra

Buy this Book

Overview of this book

Wireshark is an open source protocol analyser, commonly used among the network and security professionals. Currently being developed and maintained by volunteer contributions of networking experts from all over the globe. Wireshark is mainly used to analyze network traffic, analyse network issues, analyse protocol behaviour, etc. - it lets you see what's going on in your network at a granular level. This book takes you from the basics of the Wireshark environment to detecting and resolving network anomalies. This book will start from the basics of setting up your Wireshark environment and will walk you through the fundamentals of networking and packet analysis. As you make your way through the chapters, you will discover different ways to analyse network traffic through creation and usage of filters and statistical features. You will look at network security packet analysis, command-line utilities, and other advanced tools that will come in handy when working with day-to-day network operations. By the end of this book, you have enough skill with Wireshark 2 to overcome real-world network challenges.

Title Page

Packt Upsell

Contributors

Preface

Free Chapter

Installing Wireshark

Introduction to Wireshark

A brief overview of the TCP/IP model

The layers in the TCP/IP model

Summary

Introduction to Wireshark and Packet Analysis

What is Wireshark?

An introduction to packet analysis with Wireshark

Capturing methodologies

Summary

Filtering Our Way in Wireshark

Introducing filters

Capture filters

Create new Wireshark profiles

Summary

Analyzing Application Layer Protocols

Domain Name System (DNS)

File transfer protocol

Hypertext Transfer Protocol (HTTP)

Simple Mail Transfer Protocol (SMTP)

Summary

Analyzing the Transport Layer Protocols TCP/UDP

The transmission control protocol

The User Datagram Protocol

Summary

Network Security Packet Analysis

Information gathering

ARP poisoning

Analysing brute force attacks

Summary

Analyzing Traffic in Thin Air

Understanding IEEE 802.11

Usual and unusual wireless traffic

Decrypting wireless network traffic

Summary

Mastering the Advanced Features of Wireshark

The Statistics menu

Summary

Other Books You May Enjoy

Leave a review - let other readers know what you think

Index

Customer Reviews

5 star

4 star

3 star

2 star

1 star

Summary

Use Wireshark to keep your network secure by defending against common forms of infiltration attempts. Analyzing the packets from a security perspective will give you a new insight into how to deal with malicious users.

Activities such as port scanning, footprinting, and various active information gathering attempts are the basis of attacking methodologies that can be taken advantage of to bypass your security infrastructure. Create filters and signatures to identify malicious traffic patterns.

Guessing passwords to gain unauthorized access is called a brute force attack. Through Wireshark, you can filter and identify such malicious forms of traffic.

Wireshark can help you in analyzing malware behavior, and using the behavior analyzed, you would be able to create the necessary signatures for your IDS/IPS security solutions.

The next chapter will enable network professionals to perform wireless packet analysis and teach them how to decrypt and read traffic from the air.

Wireshark 2 Quick Start Guide

By : Charit Mishra

Wireshark 2 Quick Start Guide

By: Charit Mishra

Overview of this book

Related Content you might be interested in

Current Title:

Wireshark 2 Quick Start Guide

Mastering Wireshark 2

Network Analysis using Wireshark 2 Cookbook

Learn Wireshark - Fundamentals of Wireshark

Summary