The Wireshark Field Guide provides hackers, pen testers, and network administrators with practical guidance on capturing and interactively browsing computer network traffic. Wireshark is the world's foremost network protocol analyzer, with a rich feature set that includes deep inspection of hundreds of protocols, live capture, offline analysis and many other features.
The Wireshark Field Guide covers the installation, configuration and use of this powerful multi-platform tool. The book give readers the hands-on skills to be more productive with Wireshark as they drill down into the information contained in real-time network traffic. Readers will learn the fundamentals of packet capture and inspection, the use of color codes and filters, deep analysis, including probes and taps, and much more.
The Wireshark Field Guide is an indispensable companion for network technicians, operators, and engineers.
- Learn the fundamentals of using Wireshark in a concise field manual
- Quickly create functional filters that will allow you to get to work quickly on solving problems
- Understand the myriad of options and the deep functionality of Wireshark
- Solve common network problems
- Learn some advanced features, methods and helpful ways to work more quickly and efficiently
| Preface |
|
xi | |
| About the Author |
|
xiii | |
| Acknowledgment |
|
xv | |
| Introduction |
|
xvii | |
|
Chapter 1 About Wireshark |
|
|
1 | (16) |
|
|
|
1 | (1) |
|
|
|
1 | (2) |
|
1.3 What Is Network and Protocol Analysis? |
|
|
3 | (2) |
|
1.4 The History of Wireshark |
|
|
5 | (3) |
|
1.5 Troubleshooting Problems |
|
|
8 | (1) |
|
1.6 Using Wireshark to Analyze Data |
|
|
9 | (4) |
|
|
|
13 | (2) |
|
|
|
15 | (2) |
|
Chapter 2 Installing Wireshark |
|
|
17 | (16) |
|
|
|
17 | (1) |
|
|
|
18 | (2) |
|
|
|
20 | (1) |
|
2.4 Installation Preparation |
|
|
21 | (1) |
|
|
|
21 | (10) |
|
|
|
31 | (2) |
|
Chapter 3 Configuring a System |
|
|
33 | (12) |
|
|
|
33 | (1) |
|
|
|
33 | (3) |
|
3.3 Configuring a Cisco Port Monitor |
|
|
36 | (5) |
|
3.4 Other Tools and Methodologies |
|
|
41 | (3) |
|
|
|
44 | (1) |
|
Chapter 4 Capturing Packets |
|
|
45 | (10) |
|
|
|
45 | (1) |
|
|
|
45 | (8) |
|
|
|
53 | (2) |
|
|
|
55 | (8) |
|
|
|
55 | (1) |
|
5.2 Creating Color Code Lists |
|
|
56 | (3) |
|
5.3 Adding and Removing Filters |
|
|
59 | (2) |
|
5.4 Other Coloring Options |
|
|
61 | (1) |
|
|
|
61 | (2) |
|
|
|
63 | (16) |
|
|
|
64 | (1) |
|
|
|
64 | (3) |
|
6.3 Advanced Filter Creation |
|
|
67 | (1) |
|
6.4 Other Filtering Techniques |
|
|
68 | (1) |
|
6.5 Customized Filtering and Troubleshooting |
|
|
69 | (5) |
|
|
|
74 | (3) |
|
|
|
77 | (2) |
|
Chapter 7 Sample Captures |
|
|
79 | (12) |
|
|
|
80 | (1) |
|
|
|
80 | (4) |
|
|
|
84 | (3) |
|
|
|
87 | (3) |
|
|
|
90 | (1) |
|
Chapter 8 Inspecting Packets |
|
|
91 | (10) |
|
|
|
91 | (1) |
|
8.2 Understanding the Technology |
|
|
92 | (3) |
|
8.3 Capturing and Filtering Data |
|
|
95 | (1) |
|
8.4 Inspection of the Data |
|
|
95 | (3) |
|
|
|
98 | (1) |
|
|
|
99 | (2) |
|
|
|
101 | (18) |
|
|
|
102 | (1) |
|
|
|
102 | (5) |
|
|
|
107 | (2) |
|
9.4 Troubleshooting Phones |
|
|
109 | (1) |
|
|
|
110 | (2) |
|
9.6 Network Performance Analysis and Optimization |
|
|
112 | (5) |
|
9.7 Using Wireshark Online |
|
|
117 | (1) |
|
|
|
118 | (1) |
|
Chapter 10 Saving Captures |
|
|
119 | |
|
|
|
120 | (1) |
|
|
|
120 | (1) |
|
10.3 Saving Captures (Multiple Files) |
|
|
121 | (2) |
|
10.4 Saving in Other Formats |
|
|
123 | (2) |
|
10.5 Importing and Exporting Data |
|
|
125 | (1) |
|
|
|
126 | (2) |
|
|
|
128 | |
Robert Shimonski is a technology executive specializing in healthcare IT for one of the largest health systems in America. In his role at Northwell Health, Rob is a decision maker and strategy planner for information systems operations and technology services. In his current role, Rob is responsible for bringing operational support into the future with the help of new technologies such as cloud and Artificial Intelligence. He is a best-selling author and editor with over 15 years experience developing, producing, and distributing print media in the form of books, magazines, and periodicals. Robs professional experience includes work for CompTIA, Entrepreneur Magazine, Microsoft, McGraw-Hill Education, Cisco, the US National Security Agency, and Digidesign. Rob has a diverse background in the publishing, including roles such as author, co-author, technical editor, copy editor, and developmental editor. Since print media shifted to the digital domain, Rob has focused the past decade on developing the needed skills to produce professional audio and video media. His research interests are focused on innovation and developing new solutions to create efficiency and bringing forth better outcomes through technology solutions. Rob has a masters degree in IT Management and a masters degree in Industrial Psychology. He is author of Cyber Reconnaissance, Surveillance and Defense, Introduction to Microsoft Certification and Study Skills, and MCSA Windows Server 2003 Upgrade to Server 2008 Technology Specialist Exam Prep from Syngress/Elsevier.
Daugiau apie elektronines knygas