售 价:¥
温馨提示:数字商品不支持退换货,不提供源文件,不支持导出打印
为你推荐
Mastering Wireshark
Table of Contents
Mastering Wireshark
Credits
About the Author
About the Reviewer
www.PacktPub.com
eBooks, discount offers, and more
Why subscribe?
Preface
What this book covers
What you need for this book
Who this book is for
Conventions
Reader feedback
Customer support
Downloading the color images of this book
Errata
Piracy
Questions
1. Welcome to the World of Packet Analysis with Wireshark
Introduction to Wireshark
A brief overview of the TCP/IP model
The layers in the TCP/IP model
An introduction to packet analysis with Wireshark
How to do packet analysis
What is Wireshark?
How it works
Capturing methodologies
Hub-based networks
The switched environment
ARP poisoning
Passing through routers
Why use Wireshark?
The Wireshark GUI
The installation process
Starting our first capture
Summary
Practice questions
2. Filtering Our Way in Wireshark
An introduction to filters
Capture filters
Why use capture filters
How to use capture filters
An example capture filter
Capture filters that use protocol header values
Display filters
Retaining filters for later use
Searching for packets using the Find dialog
Colorize traffic
Create new Wireshark profiles
Summary
Practice questions
3. Mastering the Advanced Features of Wireshark
The Statistics menu
Using the Statistics menu
Protocol Hierarchy
Conversations
Endpoints
Working with IO, Flow, and TCP stream graphs
IO graphs
Flow graphs
TCP stream graphs
Round-trip time graphs
Throughput graphs
The Time-sequence graph (tcptrace)
Follow TCP streams
Expert Infos
Command Line-fu
Summary
Exercise
4. Inspecting Application Layer Protocols
Domain name system
Dissecting a DNS packet
Dissecting DNS query/response
Unusual DNS traffic
File transfer protocol
Dissecting FTP communications
Passive mode
Active mode
Dissecting FTP packets
Unusual FTP
Hyper Text Transfer Protocol
How it works – request/response
Request
Response
Unusual HTTP traffic
Simple Mail Transfer Protocol
Usual versus unusual SMTP traffic
Session Initiation Protocol and Voice Over Internet Protocol
Analyzing VOIP traffic
Reassembling packets for playback
Unusual traffic patterns
Decrypting encrypted traffic (SSL/TLS)
Summary
Practice questions:
5. Analyzing Transport Layer Protocols
The transmission control protocol
Understanding the TCP header and its various flags
How TCP communicates
How it works
Graceful termination
RST (reset) packets
Relative verses Absolute numbers
Unusual TCP traffic
How to check for different analysis flags in Wireshark
The User Datagram Protocol
A UDP header
How it works
The DHCP
The TFTP
Unusual UDP traffic
Summary
Practice questions
6. Analyzing Traffic in Thin Air
Understanding IEEE 802.11
Various modes in wireless communications
Wireless interference and strength
The IEEE 802.11 packet structure
RTS/CTS
Usual and unusual WEP – open/shared key communication
WEP-open key
The shared key
WPA-Personal
WPA-Enterprise
Decrypting WEP and WPA traffic
Summary
Practice questions
7. Network Security Analysis
Information gathering
PING sweep
Half-open scan (SYN)
OS fingerprinting
ARP poisoning
Analyzing brute force attacks
Inspecting malicious traffic
Solving real-world CTF challenges
Summary
Practice questions
8. Troubleshooting
Recovery features
The flow control mechanism
Troubleshooting slow Internet and network latencies
Client- and server-side latencies
Troubleshooting bottleneck issues
Troubleshooting application-based issues
Summary
Practice questions
9. Introduction to Wireshark v2
The intelligent scroll bar
Translation
Graph improvements
TCP streams
USBPcap
Summary
Practice questions
Index
买过这本书的人还买过
读了这本书的人还在读
同类图书排行榜