Wireshark Essentials

Get up and running with Wireshark to analyze network packets and protocols effectively

James H. Baxter

Book Details

ISBN 13: 9781783554638
Paperback: 194 pages

Book Description

This book introduces the Wireshark network analyzer to IT professionals across multiple disciplines.

It starts off with the installation of Wireshark, before gradually taking you through your first packet capture, identifying and filtering out just the packets of interest, and saving them to a new file for later analysis. The subsequent chapters will build on this foundation by covering essential topics on the application of the right Wireshark features for analysis, network protocols essentials, troubleshooting, and analyzing performance issues. Finally, the book focuses on packet analysis for security tasks, command-line utilities, and tools that manage trace files.

Upon finishing this book, you will have successfully added strong Wireshark skills to your technical toolset and significantly increased your value as an IT professional.

Table of Contents

Chapter 1: Getting Acquainted with Wireshark
Installing Wireshark
Performing your first packet capture
Summary
Chapter 2: Networking for Packet Analysts
The OSI model – why it matters
IP networks and subnets
Switching and routing packets
WAN links
Wireless networking
Summary
Chapter 3: Capturing All the Right Packets
Picking the best capture point
Test Access Ports and switch port mirroring
Capturing interfaces, filters, and options
Verifying a good capture
Saving the bulk capture file
Isolating conversations of interest
Using the Conversations window
Wireshark display filters
Filter Expression Buttons
Following TCP/UDP/SSL streams
Marking and ignoring packets
Saving the filtered traffic
Summary
Chapter 4: Configuring Wireshark
Working with packet timestamps
Colorization and coloring rules
Wireshark preferences
Wireshark profiles
Summary
Chapter 5: Network Protocols
The OSI and DARPA reference models
Transport layer protocols
Application layer protocols
Summary
Chapter 6: Troubleshooting and Performance Analysis
Troubleshooting methodology
Troubleshooting connectivity issues
Troubleshooting functional issues
Performance analysis methodology
Summary
Chapter 7: Packet Analysis for Security Tasks
Security analysis methodology
Security assessment tools
Identifying unacceptable or suspicious traffic
Scans and sweeps
OS fingerprinting
Malformed packets
Phone home traffic
Password-cracking traffic
Unusual traffic
Summary
Chapter 8: Command-line and Other Utilities
Wireshark command-line utilities
Capturing traffic with Dumpcap
Capturing traffic with Tshark
Editing trace files with Editcap
Merging trace files with Mergecap
Other helpful tools
Summary

What You Will Learn

  • Discover how packet analysts view networks and the role of protocols at the packet level
  • Capture and isolate all the right packets to perform a thorough analysis using Wireshark's extensive capture and display filtering capabilities
  • Use the optimal timestamp displays, packet marking and coloring, and protocol-level settings for effective analysis of packets
  • Select and configure the appropriate Wireshark features and functions for the analysis task at hand
  • Troubleshoot connectivity and functionality issues in your network
  • Analyze and report the leading causes of poor application performance
  • Analyze packets to detect and identify malicious traffic and security threats
  • Leverage the Wireshark command-line utilities for high performance or scripted analysis activities
