Search icon CANCEL
Subscription
0
Cart icon
Your Cart (0 item)
Close icon
You have no products in your basket yet
Arrow left icon
Explore Products
Best Sellers
New Releases
Books
Videos
Audiobooks
Learning Hub
Conferences
Free Learning
Arrow right icon
Arrow up icon
GO TO TOP
Wireshark Network Security

You're reading from   Wireshark Network Security A succinct guide to securely administer your network using Wireshark

Arrow left icon
Product type Paperback
Published in Jul 2015
Publisher
ISBN-13 9781784393335
Length 138 pages
Edition 1st Edition
Arrow right icon
Author (1):
Arrow left icon
Piyush Verma Piyush Verma
Author Profile Icon Piyush Verma
Piyush Verma
Arrow right icon
View More author details
Toc

Gearing up Wireshark

To ease the analysis of malicious traffic, Wireshark requires certain tweaks. In short, we need to create a new profile in Wireshark to inspect malware traffic.

Updated columns

We added the following columns in Wireshark:

Updated columns

The columns can be added/modified by going to menu bar and navigating to Edit | Preferences | Select Columns (under User Interface).

  • SPort—source port (unresolved)
  • DPort—destination port (unresolved)
  • HTTP host—display filter: http.host
  • URI—display filter: http.request.uri

Updated coloring rules

For any packet containing an unusual number of DNS answers, we colored it with a background color—black and foreground color—orange, as can be seen in the following image.

Updated coloring rules

The coloring rule implied for any packet can be seen under the Frame header in the Packet Details pane.

Updated coloring rules

Coloring rule implied for the above packet

Important display filters

Some of the common display filters in use can be saved as well, as shown in the following...

lock icon The rest of the chapter is locked
Register for a free Packt account to unlock a world of extra content!
A free Packt account unlocks extra newsletters, articles, discounted offers, and much more. Start advancing your knowledge today.
Unlock this book and the full library FREE for 7 days
Get unlimited access to 7000+ expert-authored eBooks and videos courses covering every tech area you can think of
Renews at $19.99/month. Cancel anytime
Banner background image