Learn Wireshark (eBook)

Grasp the basics of packet capture and analyze common protocols

Key Features

• Troubleshoot basic to advanced network problems using packet analysis
• Analyze common protocols and identify latency issues with Wireshark
• Explore ways to examine captures to recognize unusual traffic and possible network attacks

Book Description

Wireshark is a popular and powerful packet analysis tool that helps network administrators investigate latency issues and identify potential attacks.

Learn Wireshark provides a solid overview of basic protocol analysis and helps you to navigate the Wireshark interface, so you can confidently examine common protocols such as TCP, IP, and ICMP. The book starts by outlining the benefits of traffic analysis, takes you through the evolution of Wireshark, and then covers the phases of packet analysis. We'll review some of the command line tools and outline how to download and install Wireshark on either a PC or MAC. You'll gain a better understanding of what happens when you tap into the data stream, and learn how to personalize the Wireshark interface. This Wireshark book compares the display and capture filters and summarizes the OSI model and data encapsulation. You'll gain insights into the protocols that move data in the TCP/IP suite, and dissect the TCP handshake and teardown process. As you advance, you'll explore ways to troubleshoot network latency issues, and discover how to save and export files. Finally, you'll see how you can share captures with your colleagues using Cloudshark.

By the end of this book, you'll have a solid understanding of how to monitor and secure your network with the most updated version of Wireshark.

What you will learn

• Become familiar with the Wireshark interface
• Navigate commonly accessed menu options such as edit, view, and file
• Use display and capture filters to examine traffic
• Understand the Open Systems Interconnection (OSI) model
• Carry out deep packet analysis of the Internet suite: IP, TCP, UDP, ARP, and ICMP
• Explore ways to troubleshoot network latency issues
• Subset traffic, insert comments, save, export, and share packet captures

Who this book is for

This book is for network administrators, security analysts, students, teachers, and anyone interested in learning about packet analysis using Wireshark. Basic knowledge of network fundamentals, devices, and protocols along with an understanding of different topologies will be beneficial.

Lisa Bock is an associate professor in the IT department at Pennsylvania College of Technology, in Williamsport, PA. Some of the courses she has taught since 2003 include networking, security, biometrics, protocol vulnerabilities using Wireshark, CCNA security, and unified communications. In addition to this, she is a LinkedIn learning instructor and has published over 30 courses, mainly in cybersecurity and networking. She holds an MS from UMUC along with numerous other certifications. She has had training in forensics, biometrics, networking, steganography, and network security. She is involved with various volunteer activities, has evaluated professional journals, and is an award-winning, nationally known speaker.

---

Grasp the basics of packet capture and analyze common protocolsKey FeaturesTroubleshoot basic to advanced network problems using packet analysisAnalyze common protocols and identify latency issues with WiresharkExplore ways to examine captures to recognize unusual traffic and possible network attacksBook DescriptionWireshark is a popular and powerful packet analysis tool that helps network administrators investigate latency issues and identify potential attacks. Learn Wireshark provides a solid overview of basic protocol analysis and helps you to navigate the Wireshark interface, so you can confidently examine common protocols such as TCP, IP, and ICMP. The book starts by outlining the benefits of traffic analysis, takes you through the evolution of Wireshark, and then covers the phases of packet analysis. We ll review some of the command line tools and outline how to download and install Wireshark on either a PC or MAC. You'll gain a better understanding of what happens when you tap into the data stream, and learn how to personalize the Wireshark interface. This Wireshark book compares the display and capture filters and summarizes the OSI model and data encapsulation. You'll gain insights into the protocols that move data in the TCP/IP suite, and dissect the TCP handshake and teardown process. As you advance, you'll explore ways to troubleshoot network latency issues, and discover how to save and export files. Finally, you'll see how you can share captures with your colleagues using Cloudshark. By the end of this book, you'll have a solid understanding of how to monitor and secure your network with the most updated version of Wireshark.What you will learnBecome familiar with the Wireshark interfaceNavigate commonly accessed menu options such as edit, view, and fileUse display and capture filters to examine trafficUnderstand the Open Systems Interconnection (OSI) modelCarry out deep packet analysis of the Internet suite: IP, TCP, UDP, ARP, and ICMPExplore ways to troubleshoot network latency issuesSubset traffic, insert comments, save, export, and share packet capturesWho this book is forThis book is for network administrators, security analysts, students, teachers, and anyone interested in learning about packet analysis using Wireshark. Basic knowledge of network fundamentals, devices, and protocols along with an understanding of different topologies will be beneficial.]]>