In this chapter, we will look under the hood at the advanced options available in Wireshark and work with a command-line version of the packet sniffer. We will cover the following topics:
- Analyzing the network using the Statistics menu
- Using TCP Stream
- Using the Protocol Hierarchy Option
- Using command-line tools for protocol analysis

With Wireshark, a variety of statistics about network packets, protocols, and endpoints can be viewed and analyzed. Understanding advanced features such as protocol hierarchy, conversations, and endpoints helps with troubleshooting, optimization, and forensics, because these features let you view and analyze network-related information in detail.