Last updated: 2021-06-25 20:46:07
Cover
Copyright information
Packt Upsell
Why subscribe?
PacktPub.com
Contributors
About the author
About the reviewer
Packt is searching for authors like you
Preface
Who this book is for
What this book covers
To get the most out of this book
Download the color images
Conventions used
Get in touch
Reviews
Installing Wireshark
Introduction to Wireshark
Why use Wireshark?
The installation process
Troubleshooting common installation errors
A brief overview of the TCP/IP model
The layers in the TCP/IP model
Summary
Introduction to Wireshark and Packet Analysis
What is Wireshark?
How Wireshark works
An introduction to packet analysis with Wireshark
How to do packet analysis
Capturing methodologies
Hub-based networks
The switched environment
ARP poisoning
Passing through routers
The Wireshark GUI
Starting our first capture
Filtering Our Way in Wireshark
Introducing filters
Capture filters
Why use capture filters
How to use capture filters
An example capture filter
Display filters
Retaining filters for later use
Searching for packets using the Find dialog
Colorize traffic
Create new Wireshark profiles
Analyzing Application Layer Protocols
Domain Name System (DNS)
Dissecting a DNS packet
Dissecting DNS query/response
File transfer protocol
Dissecting FTP communication packets
Hypertext Transfer Protocol (HTTP)
How request/response works
Request
Response
Simple Mail Transfer Protocol (SMTP)
Dissecting SMTP communication packets
Session Initiation Protocol (SIP) and Voice Over Internet Protocol (VOIP)
Reassembling packets for playback
Decrypting encrypted traffic (SSL/TLS)
Analyzing the Transport Layer Protocols TCP/UDP
The transmission control protocol
Understanding the TCP header and its various flags
How TCP communicates
How it works
How sequence numbers are generated and managed
RST (reset) packets
Unusual TCP traffic
The User Datagram Protocol
The UDP header
The DHCP
The TFTP
Unusual UDP traffic
Network Security Packet Analysis
Information gathering
PING sweep
Half-open scan (SYN)
OS fingerprinting
Analysing brute force attacks
Inspecting malicious traffic (malware)
Analyzing Traffic in Thin Air
Understanding IEEE 802.11
Various modes in wireless communications
Usual and unusual wireless traffic
WPA Enterprise
Decrypting wireless network traffic
Mastering the Advanced Features of Wireshark
The Statistics menu
Using the Statistics menu