Wireshark Revealed: Essential Skills for IT Professionals

Master Wireshark and discover how to analyze network packets and protocols effectively, along with engaging recipes to troubleshoot network problems About This Book * Gain valuable insights into the network and application protocols, and the key fields in each protocol * Use Wireshark’s powerful statistical tools to analyze your network and leverage its expert system to pinpoint network problems * Master Wireshark and train it as your network sniffer Who This Book Is For This book is aimed at IT professionals who want to develop or enhance their packet analysis skills. A basic familiarity with common network and application services terms and technologies is assumed. What You Will Learn * Discover how packet analysts view networks and the role of protocols at the packet level * Capture and isolate all the right packets to perform a thorough analysis using Wireshark’s extensive capture and display filtering capabilities * Decrypt encrypted wireless traffic * Use Wireshark as a diagnostic tool and also for network security analysis to keep track of malware * Find and resolve problems due to bandwidth, throughput, and packet loss * Identify and locate faults in communication applications including HTTP, FTP, mail, and various other applications – Microsoft OS problems, databases, voice, and video over IP * Identify and locate faults in detecting security failures and security breaches in the network In Detail This Learning Path starts off installing Wireshark, before gradually taking you through your first packet capture, identifying and filtering out just the packets of interest, and saving them to a new file for later analysis. You will then discover different ways to create and use capture and display filters. By halfway through the book, you’ll be mastering Wireshark features, analyzing different layers of the network protocol, and looking for any anomalies.We then start Ethernet and LAN switching, through IP, and then move on to TCP/UDP with a focus on TCP performance problems. It also focuses on WLAN security. Then, we go through application behavior issues including HTTP, mail, DNS, and other common protocols. This book finishes with a look at network forensics and how to locate security problems that might harm the network.This course provides you with highly practical content explaining Metasploit from the following books: 1) Wireshark Essentials 2) Network Analysis Using Wireshark Cookbook 3) Mastering Wireshark Style and approach This step-by-step guide follows a practical approach, starting from the basic to the advanced aspects. Through a series of real-world examples, this learning path will focus on making it easy for you to become an expert at using Wireshark.

Table of Contents

1. Module 1
1. Getting Acquainted with Wireshark
2. Networking for Packet Analysts
3. Capturing All the Right Packets
4. Configuring Wireshark
5. Network Protocols
6. Troubleshooting and Performance Analysis
7. Packet Analysis for Security Tasks
8. Command-line and Other Utilities
2. Module 2
1. Introducing Wireshark
2. Using Capture Filters
3. Using Display Filters
4. Using Basic Statistics Tools
5. Using Advanced Statistics Tools
6. Using the Expert Infos Window
7. Ethernet, LAN Switching, and Wireless LAN
8. ARP and IP Analysis
9. UDP/TCP Analysis
10. HTTP and DNS
11. Analyzing Enterprise Applications’ Behavior
12. SIP, Multimedia, and IP Telephony
1xx codes – provisional/informational
2xx codes – success
3xx codes – redirection
4xx codes – client error
5xx codes – server error
6xx codes – global failure
13. Troubleshooting Bandwidth and Delay Problems
14. Understanding Network Security
3. Module 3
1. Welcome to the World of Packet Analysis with Wireshark
2. Filtering Our Way in Wireshark
3. Mastering the Advanced Features of Wireshark
4. Inspecting Application Layer Protocols
5. Analyzing Transport Layer Protocols
6. Analyzing Traffic in Thin Air
7. Network Security Analysis
8. Troubleshooting
9. Introduction to Wireshark v2