Subscription

Explore Products

Best Sellers

New Releases

Books

Videos

Audiobooks

Learning Hub

Conferences

Free Learning

You're reading from Network Analysis using Wireshark 2 Cookbook Practical recipes to analyze and secure your network using Wireshark 2

Product type Paperback

Published in Mar 2018

Publisher

ISBN-13 9781786461674

Length 626 pages

Edition 2nd Edition

Tools

Wireshark

Concepts

Network Security

Authors (3):

Nagendra Kumar Nainar

Yoram Orzach

Yogesh Ramdoss

View More author details

Table of Contents (20) Chapters

Preface

1. Introduction to Wireshark Version 2 FREE CHAPTER

2. Mastering Wireshark for Network Troubleshooting

3. Using Capture Filters

4. Using Display Filters

5. Using Basic Statistics Tools

6. Using Advanced Statistics Tools

7. Using the Expert System

8. Ethernet and LAN Switching

9. Wireless LAN

10. Network Layer Protocols and Operations

11. Transport Layer Protocol Analysis

12. FTP, HTTP/1, and HTTP/2

13. DNS Protocol Analysis

14. Analyzing Mail Protocols

15. NetBIOS and SMB Protocol Analysis

16. Analyzing Enterprise Applications' Behavior

17. Troubleshooting SIP, Multimedia, and IP Telephony

18. Troubleshooting Bandwidth and Delay Issues

19. Security and Network Forensics

Introduction

Information security is one of the most fascinating areas in information systems, and its purpose is to secure the organization's systems against internal and external attacks, which can come in various patterns. These attacks can come from the internet or from the internal network, and as such, they all come through the network; therefore, they can be monitored with Wireshark (and other similar tools).

To monitor the network against malicious traffic, we must first understand what constitutes normal traffic and define the base line of the traffic rate, it's pattern, and so on. We can then try to find out how malicious traffic is short of being normal traffic according to it. Among unusual traffic, we might see an ARP, IP, or TCP scanning; DNS responses without queries; unusual TCP flags; unknown IP addresses or port numbers whose purpose is not known to...

The rest of the chapter is locked

A free Packt account unlocks extra newsletters, articles, discounted offers, and much more. Start advancing your knowledge today.

Unlock this book and the full library FREE for 7 days

Get unlimited access to 7000+ expert-authored eBooks and videos courses covering every tech area you can think of

Start free trial

Renews at €18.99/month. Cancel anytime

Authors (3)

Nagendra Kumar Nainar

Nagendra Kumar Nainar (CCIE#20987) is a senior technical leader with RP escalation team in Cisco Systems. He is the co-inventor of more than 80 patent applications and the coauthor of six internet RFCs, various internet drafts and IEEE papers. He is a guest lecturer in North Carolina State University and a speaker in different network forums.

See other products by Nagendra Kumar Nainar

Yoram Orzach

Yoram Orzach is a senior networks and networks security advisor, providing network design and network security consulting services to a range of clients. Having spent thirty years in network and information security, Yoram has worked as a network and security engineer across many verticals in roles ranging from a network engineer, security consultant, and instructor. Yoram has gained his B.Sc. from the Technion in Haifa, Israel. Yoram's experience is both with corporate networks; service providers and Internet service providers' networks. His customers are Motorola solutions, Elbit Systems, 888, Taboola, Bezeq, PHI Networks, Cellcom, Strauss group, and many other hi-tech companies.

See other products by Yoram Orzach

Yogesh Ramdoss

Yogesh Ramdoss (CCIE #16183) is a senior technical leader in the technical services organization of Cisco Systems. He is a distinguished speaker at CiscoLive, sharing knowledge and educating customers on enterprise/datacenter technologies and platforms, troubleshooting and packet capturing tools, and open network programmability. Co-inventor of patent in machine/behavior learning.

See other products by Yogesh Ramdoss