Instant Traffic Analysis with Tshark How-to

Master the terminal-based version of Wireshark for dealing with network security incidents

Borja Merino


Book Details

ISBN 13: 9781782165385
Paperback: 68 pages

Book Description

Malware, DoS attacks, SQLi, and data exfiltration are some of the problems that many security officers have to face every day. Advanced knowledge of communications and protocol analysis is therefore essential to investigate and detect any of these attacks. Tshark is the ideal tool for professionals who wish to meet these needs, or students who want to delve into the world of networking.

Instant Traffic Analysis with Tshark How-to is a practical, hands-on guide for network administrators and security officers who want to take advantage of the filtering features provided by Tshark, the command-line version of Wireshark. With this guide you will learn how to get the most out of Tshark in environments lacking a GUI, such as Unix/Linux servers, where it offers a great deal of flexibility to identify and display network traffic.

The book begins by explaining the basic theoretical concepts of Tshark and the process of data collection. Subsequently, you will see several alternatives to capture traffic based on network infrastructure and the goals of the network administrator. The rest of the book will focus on explaining the most interesting parameters of the tool from a totally practical standpoint.

You will also learn how to decode protocols and how to get evidence of suspicious network traffic. You will become familiar with the many practical Tshark filters that identify malware-infected computers and many network attacks such as DoS attacks, DHCP/ARP spoofing, and DNS flooding. Finally, you will see some tricks to automate certain tasks with Tshark and Python scripts.

You will learn everything you need to get the most out of Tshark and overcome a wide range of network problems. In addition, you will learn a variety of concepts related to networking and to the network attacks currently being exploited.

Table of Contents

Chapter 1: Instant Traffic Analysis with Tshark How-to
Capturing data with Tshark (Must know)
Capturing traffic (Must know)
Delimiting network problems (Should know)
Implementing useful filters (Should know)
Decoding protocols (Become an expert)
Auditing network attacks (Become an expert)
Analyzing network forensic data (Become an expert)
Auditing network applications (Must know)
Analyzing malware traffic (Must know)
Automating tasks (Must know)

What You Will Learn

  • Basic use of the tool, the theoretical concepts behind its operation, and its dependence on other tools
  • Find the root of many problems related to the performance of your network
  • Decode SSL to inspect network attacks that attempt to evade IDS
  • Identify well-known network attacks and get evidence of suspicious network traffic
  • Limit security incidents to locate network intrusions
  • Audit applications that make use of sockets
  • Automate tasks with the help of scripts
  • Use Tshark in a clever way to detect traffic anomalies
