Book Image

Mastering Wireshark

Book Image

Mastering Wireshark

Overview of this book

Wireshark is a popular and powerful tool used to analyze the amount of bits and bytes that are flowing through a network. Wireshark deals with the second to seventh layer of network protocols, and the analysis made is presented in a human readable form. Mastering Wireshark will help you raise your knowledge to an expert level. At the start of the book, you will be taught how to install Wireshark, and will be introduced to its interface so you understand all its functionalities. Moving forward, you will discover different ways to create and use capture and display filters. Halfway through the book, you’ll be mastering the features of Wireshark, analyzing different layers of the network protocol, looking for any anomalies. As you reach to the end of the book, you will be taught how to use Wireshark for network security analysis and configure it for troubleshooting purposes.

Related Content you might be interested in

Current Title:

Small book image
Mastering Wireshark
Mar, 2016 | 308 pages
No titles found
Table of Contents (16 chapters)
Mastering Wireshark
Mastering Wireshark
Credits
Credits
About the Author
About the Author
About the Reviewer
About the Reviewer
www.PacktPub.com
www.PacktPub.com
Preface
Preface
Free Chapter
1
Welcome to the World of Packet Analysis with Wireshark
Welcome to the World of Packet Analysis with Wireshark
Introduction to Wireshark
A brief overview of the TCP/IP model
The layers in the TCP/IP model
An introduction to packet analysis with Wireshark
Capturing methodologies
Summary
Practice questions
2
Filtering Our Way in Wireshark
Filtering Our Way in Wireshark
An introduction to filters
Capture filters
Display filters
Searching for packets using the Find dialog
Create new Wireshark profiles
Summary
Practice questions
3
Mastering the Advanced Features of Wireshark
Mastering the Advanced Features of Wireshark
The Statistics menu
Conversations
Endpoints
Working with IO, Flow, and TCP stream graphs
IO graphs
Flow graphs
TCP stream graphs
Follow TCP streams
Expert Infos
Command Line-fu
Summary
Exercise
4
Inspecting Application Layer Protocols
Inspecting Application Layer Protocols
Domain name system
File transfer protocol
Hyper Text Transfer Protocol
Simple Mail Transfer Protocol
Summary
Practice questions:
5
Analyzing Transport Layer Protocols
Analyzing Transport Layer Protocols
The transmission control protocol
The User Datagram Protocol
Summary
Practice questions
6
Analyzing Traffic in Thin Air
Analyzing Traffic in Thin Air
Understanding IEEE 802.11
Usual and unusual WEP – open/shared key communication
Decrypting WEP and WPA traffic
Summary
Practice questions
7
Network Security Analysis
Network Security Analysis
Information gathering
ARP poisoning
Analyzing brute force attacks
Summary
Practice questions
8
Troubleshooting
Troubleshooting
Recovery features
Summary
Practice questions
9
Introduction to Wireshark v2
Introduction to Wireshark v2
The intelligent scroll bar
Translation
Graph improvements
TCP streams
USBPcap
Summary
Practice questions
Index
Index

The Statistics menu

Statistics in Wireshark are not presented to you just through recorded figures; there are graphical features too, which can present the figures in terms of graphs. Using this, the analysis process becomes easier and much efficient. Multiple types of graphs are available, which we can use to collect valuable information.

Command-line tools are like a samurai's sword, which will enhance the capability of a moderate user to become and act like an advanced user. In this chapter, we will see a couple of inbuilt tools that are command based.

Using the Statistics menu

A wide range of tools related to network stats is available in the menu, which facilitate users in gaining information ranging from general info to specific protocol related info in detail.

The general details with respect to the packets captured, filters applied, marked packets, and various other stats can be checked in the Statistics menu. Though this option is just for informational purpose, at times this can be...

Previous Section
End of Section 2
Next Section