Wireshark Revealed: Essential Skills for IT Professionals
by: James H Baxter – Yoram Orzach – Charit Mishra
ISBN-10: 1788833228
ISBN-13: 9781788833226
Publication Date: 2017-12-14
Print Length: 912
Publisher: Packt
Book Description
This Learning Path starts off installing Wireshark, before gradually taking you through your first packet capture, identifying and filtering out just the packets of interest, and saving them to a new file for later analysis. You will then discover different ways to create and use capture and display filters. By halfway through the book, you’ll be mastering Wireshark features, analyzing different layers of the network protocol, and looking for any anomalies. We then start with Ethernet and LAN switching, move through IP, and then move on to TCP/UDP with a focus on TCP performance problems. It also focuses on WLAN security. Then, we go through application behavior issues including HTTP, mail, DNS, and other common protocols. This book finishes with a look at network forensics and how to locate security problems that might harm the network. This course provides you with highly practical content explaining Metasploit from the following books:
Wireshark Essentials
Network Analysis Using Wireshark Cookbook
Mastering Wireshark
Contents
1: GETTING ACQUAINTED WITH WIRESHARK
2: NETWORKING FOR PACKET ANALYSTS
3: CAPTURING ALL THE RIGHT PACKETS
4: CONFIGURING WIRESHARK
5: NETWORK PROTOCOLS
6: TROUBLESHOOTING AND PERFORMANCE ANALYSIS
7: PACKET ANALYSIS FOR SECURITY TASKS
8: COMMAND-LINE AND OTHER UTILITIES
9: INTRODUCING WIRESHARK
10: USING CAPTURE FILTERS
11: USING DISPLAY FILTERS
12: USING BASIC STATISTICS TOOLS
13: USING ADVANCED STATISTICS TOOLS
14: USING THE EXPERT INFOS WINDOW
15: ETHERNET, LAN SWITCHING, AND WIRELESS LAN
16: ARP AND IP ANALYSIS
17: UDP/TCP ANALYSIS
18: HTTP AND DNS
19: ANALYZING ENTERPRISE APPLICATIONS’ BEHAVIOR
20: SIP, MULTIMEDIA, AND IP TELEPHONY
21: TROUBLESHOOTING BANDWIDTH AND DELAY PROBLEMS
22: UNDERSTANDING NETWORK SECURITY
23: WELCOME TO THE WORLD OF PACKET ANALYSIS WITH WIRESHARK
24: FILTERING OUR WAY IN WIRESHARK
25: MASTERING THE ADVANCED FEATURES OF WIRESHARK
26: INSPECTING APPLICATION LAYER PROTOCOLS
27: ANALYZING TRANSPORT LAYER PROTOCOLS
28: ANALYZING TRAFFIC IN THIN AIR
29: NETWORK SECURITY ANALYSIS
30: TROUBLESHOOTING
31: INTRODUCTION TO WIRESHARK V2
What You Will Learn
Discover how packet analysts view networks and the role of protocols at the packet level
Capture and isolate all the right packets to perform a thorough analysis using Wireshark’s extensive capture and display filtering capabilities
Decrypt encrypted wireless traffic
Use Wireshark as a diagnostic tool and also for network security analysis to keep track of malware
Find and resolve problems due to bandwidth, throughput, and packet loss
Identify and locate faults in communication applications including HTTP, FTP, mail, and various other applications – Microsoft OS problems, databases, voice, and video over IP
Identify and locate faults in detecting security failures and security breaches in the network
Authors
James H Baxter
James H Baxter is the president and CEO of PacketIQ Inc., which specializes in network and application performance analysis and management, including development of advanced analysis frameworks and tools.
With over 30 years of experience in the IT industry, James’ diverse technical background includes electronics, RF, satellite, data/telecom, LAN/WAN and voice design, network management, speech technologies, Java/.NET programming, and for most of the last 20 years, working specifically with network and application performance issues.
James is a Wireshark Certified Network Analyst (WCNA), a member of the IEEE, Computer Measurement Group, Association of Computing Machinery, and follows advancements in artificial intelligence.
James is also a private pilot, holds an Extra class amateur radio license, and is a mediocre guitar player and amateur astronomer.
Yoram Orzach
Yoram Orzach gained his bachelor’s degree in science from the Technion in Haifa, Israel, and worked in Bezeq as a systems engineer in the fields of transmission and access networks. From being the technical manager at Netplus, he is now the CTO of NDI Communications. His experience is with corporate networks, service providers, and internet service providers’ networks, and his client companies are Comverse, Motorola, Intel, Ceragon networks, Marvel, HP, and others. His experience is in design, implementation, and troubleshooting, as well as training for R&D, engineering, and IT groups.