Search icon CANCEL
Subscription
0
Cart icon
Your Cart (0 item)
Close icon
You have no products in your basket yet
Arrow left icon
Explore Products
Best Sellers
New Releases
Books
Videos
Audiobooks
Learning Hub
Free Learning
Arrow right icon
Arrow up icon
GO TO TOP
Network Analysis using Wireshark 2 Cookbook

You're reading from   Network Analysis using Wireshark 2 Cookbook Practical recipes to analyze and secure your network using Wireshark 2

Arrow left icon
Product type Paperback
Published in Mar 2018
Publisher
ISBN-13 9781786461674
Length 626 pages
Edition 2nd Edition
Arrow right icon
Authors (3):
Arrow left icon
Nagendra Kumar Nainar Nagendra Kumar Nainar
Author Profile Icon Nagendra Kumar Nainar
Nagendra Kumar Nainar
Yoram Orzach Yoram Orzach
Author Profile Icon Yoram Orzach
Yoram Orzach
Yogesh Ramdoss Yogesh Ramdoss
Author Profile Icon Yogesh Ramdoss
Yogesh Ramdoss
Arrow right icon
View More author details
Toc

Table of Contents (20) Chapters Close

Preface 1. Introduction to Wireshark Version 2 FREE CHAPTER 2. Mastering Wireshark for Network Troubleshooting 3. Using Capture Filters 4. Using Display Filters 5. Using Basic Statistics Tools 6. Using Advanced Statistics Tools 7. Using the Expert System 8. Ethernet and LAN Switching 9. Wireless LAN 10. Network Layer Protocols and Operations 11. Transport Layer Protocol Analysis 12. FTP, HTTP/1, and HTTP/2 13. DNS Protocol Analysis 14. Analyzing Mail Protocols 15. NetBIOS and SMB Protocol Analysis 16. Analyzing Enterprise Applications' Behavior 17. Troubleshooting SIP, Multimedia, and IP Telephony 18. Troubleshooting Bandwidth and Delay Issues 19. Security and Network Forensics

Introduction

Information security is one of the most fascinating areas in information systems, and its purpose is to secure the organization's systems against internal and external attacks, which can come in various patterns. These attacks can come from the internet or from the internal network, and as such, they all come through the network; therefore, they can be monitored with Wireshark (and other similar tools).

To monitor the network against malicious traffic, we must first understand what constitutes normal traffic and define the base line of the traffic rate, it's pattern, and so on. We can then try to find out how malicious traffic is short of being normal traffic according to it. Among unusual traffic, we might see an ARP, IP, or TCP scanning; DNS responses without queries; unusual TCP flags; unknown IP addresses or port numbers whose purpose is not known to...

lock icon The rest of the chapter is locked
Register for a free Packt account to unlock a world of extra content!
A free Packt account unlocks extra newsletters, articles, discounted offers, and much more. Start advancing your knowledge today.
Unlock this book and the full library FREE for 7 days
Get unlimited access to 7000+ expert-authored eBooks and videos courses covering every tech area you can think of
Renews at $19.99/month. Cancel anytime
Banner background image