Mastering Wireshark (e-book)

Author: Charit Mishra

Publisher: Packt Publishing

Publication date: 2016-03-30

Word count: 1.494 million

Category: Imported books > Foreign-language original editions > Computers/Networking

Analyze data network like a professional by mastering Wireshark - From 0 to 1337

About This Book

  • Master Wireshark and train it as your network sniffer
  • Impress your peers and get yourself pronounced as a network doctor
  • Understand Wireshark and its numerous features with the aid of this fast-paced book packed with numerous screenshots, and become a pro at resolving network anomalies

Who This Book Is For

Are you curious to know what's going on in a network? Do you get frustrated when you are unable to detect the cause of problems in your networks? This is where the book comes into play. Mastering Wireshark is for developers or network enthusiasts who are interested in understanding the internal workings of networks and have prior knowledge of using Wireshark, but are not aware of all of its functionalities.

What You Will Learn

  • Install Wireshark and understand its GUI and all of its functionalities
  • Create and use different filters
  • Analyze different layers of network protocols and know the number of packets that flow through the network
  • Decrypt encrypted wireless traffic
  • Use Wireshark as a diagnostic tool and also for network security analysis to keep track of malware
  • Troubleshoot all the network anomalies with the help of Wireshark
  • Resolve latencies and bottleneck issues in the network

In Detail

Wireshark is a popular and powerful tool used to analyze the amount of bits and bytes that are flowing through a network. Wireshark deals with the second to seventh layer of network protocols, and the analysis made is presented in a human-readable form. Mastering Wireshark will help you raise your knowledge to an expert level. At the start of the book, you will be taught how to install Wireshark, and will be introduced to its interface so you understand all its functionalities. Moving forward, you will discover different ways to create and use capture and display filters. Halfway through the book, you'll be mastering the features of Wireshark, analyzing different layers of the network protocol, and looking for any anomalies. As you reach the end of the book, you will be taught how to use Wireshark for network security analysis and configure it for troubleshooting purposes.

Style and approach

Every chapter in this book is explained in an easy way, accompanied by real-life examples and screenshots of the interface, making it easy for you to become an expert at using Wireshark.
Mastering Wireshark

Table of Contents

Mastering Wireshark

Credits

About the Author

About the Reviewer

www.PacktPub.com

eBooks, discount offers, and more

Why subscribe?

Preface

What this book covers

What you need for this book

Who this book is for

Conventions

Reader feedback

Customer support

Downloading the color images of this book

Errata

Piracy

Questions

1. Welcome to the World of Packet Analysis with Wireshark

Introduction to Wireshark

A brief overview of the TCP/IP model

The layers in the TCP/IP model

An introduction to packet analysis with Wireshark

How to do packet analysis

What is Wireshark?

How it works

Capturing methodologies

Hub-based networks

The switched environment

ARP poisoning

Passing through routers

Why use Wireshark?

The Wireshark GUI

The installation process

Starting our first capture

Summary

Practice questions

2. Filtering Our Way in Wireshark

An introduction to filters

Capture filters

Why use capture filters

How to use capture filters

An example capture filter

Capture filters that use protocol header values

Display filters

Retaining filters for later use

Searching for packets using the Find dialog

Colorize traffic

Create new Wireshark profiles

Summary

Practice questions

3. Mastering the Advanced Features of Wireshark

The Statistics menu

Using the Statistics menu

Protocol Hierarchy

Conversations

Endpoints

Working with IO, Flow, and TCP stream graphs

IO graphs

Flow graphs

TCP stream graphs

Round-trip time graphs

Throughput graphs

The Time-sequence graph (tcptrace)

Follow TCP streams

Expert Infos

Command Line-fu

Summary

Exercise

4. Inspecting Application Layer Protocols

Domain name system

Dissecting a DNS packet

Dissecting DNS query/response

Unusual DNS traffic

File transfer protocol

Dissecting FTP communications

Passive mode

Active mode

Dissecting FTP packets

Unusual FTP

Hyper Text Transfer Protocol

How it works – request/response

Request

Response

Unusual HTTP traffic

Simple Mail Transfer Protocol

Usual versus unusual SMTP traffic

Session Initiation Protocol and Voice Over Internet Protocol

Analyzing VOIP traffic

Reassembling packets for playback

Unusual traffic patterns

Decrypting encrypted traffic (SSL/TLS)

Summary

Practice questions

5. Analyzing Transport Layer Protocols

The transmission control protocol

Understanding the TCP header and its various flags

How TCP communicates

How it works

Graceful termination

RST (reset) packets

Relative versus Absolute numbers

Unusual TCP traffic

How to check for different analysis flags in Wireshark

The User Datagram Protocol

A UDP header

How it works

The DHCP

The TFTP

Unusual UDP traffic

Summary

Practice questions

6. Analyzing Traffic in Thin Air

Understanding IEEE 802.11

Various modes in wireless communications

Wireless interference and strength

The IEEE 802.11 packet structure

RTS/CTS

Usual and unusual WEP – open/shared key communication

WEP-open key

The shared key

WPA-Personal

WPA-Enterprise

Decrypting WEP and WPA traffic

Summary

Practice questions

7. Network Security Analysis

Information gathering

PING sweep

Half-open scan (SYN)

OS fingerprinting

ARP poisoning

Analyzing brute force attacks

Inspecting malicious traffic

Solving real-world CTF challenges

Summary

Practice questions

8. Troubleshooting

Recovery features

The flow control mechanism

Troubleshooting slow Internet and network latencies

Client- and server-side latencies

Troubleshooting bottleneck issues

Troubleshooting application-based issues

Summary

Practice questions

9. Introduction to Wireshark v2

The intelligent scroll bar

Translation

Graph improvements

TCP streams

USBPcap

Summary

Practice questions

Index
