Subscription

Explore Products

Best Sellers

New Releases

Books

Videos

Audiobooks

Learning Hub

Conferences

Free Learning

You're reading from Network Analysis using Wireshark 2 Cookbook Practical recipes to analyze and secure your network using Wireshark 2

Product type Paperback

Published in Mar 2018

Publisher

ISBN-13 9781786461674

Length 626 pages

Edition 2nd Edition

Tools

Wireshark

Concepts

Network Security

Authors (3):

Nagendra Kumar Nainar

Yoram Orzach

Yogesh Ramdoss

View More author details

Table of Contents (20) Chapters

Preface

1. Introduction to Wireshark Version 2 FREE CHAPTER

2. Mastering Wireshark for Network Troubleshooting

3. Using Capture Filters

4. Using Display Filters

5. Using Basic Statistics Tools

6. Using Advanced Statistics Tools

7. Using the Expert System

8. Ethernet and LAN Switching

9. Wireless LAN

10. Network Layer Protocols and Operations

11. Transport Layer Protocol Analysis

12. FTP, HTTP/1, and HTTP/2

13. DNS Protocol Analysis

14. Analyzing Mail Protocols

15. NetBIOS and SMB Protocol Analysis

16. Analyzing Enterprise Applications' Behavior

17. Troubleshooting SIP, Multimedia, and IP Telephony

18. Troubleshooting Bandwidth and Delay Issues

19. Security and Network Forensics

Discovering unusual traffic patterns

In this recipe, we will learn what usual and unusual traffic patterns are and how to distinguish between them.

Getting ready

The first thing is to locate Wireshark. There are several options for this:

When you suspect an attack that comes from the internet, locate Wireshark after the firewall (1), and when you suspect that it crosses the firewall, locate it before (2).
When you suspect malicious traffic coming from a remote office, port-mirror traffic coming on the central line before (3) or after (4) the router. In this case, you can filter the suspicious traffic with IP networks to see patterns from different offices in order to isolate the problematic office.
You can also port-mirror...

The rest of the chapter is locked

A free Packt account unlocks extra newsletters, articles, discounted offers, and much more. Start advancing your knowledge today.

Unlock this book and the full library FREE for 7 days

Get unlimited access to 7000+ expert-authored eBooks and videos courses covering every tech area you can think of

Start free trial

Renews at €18.99/month. Cancel anytime

Authors (3)

Nagendra Kumar Nainar

Nagendra Kumar Nainar (CCIE#20987) is a senior technical leader with RP escalation team in Cisco Systems. He is the co-inventor of more than 80 patent applications and the coauthor of six internet RFCs, various internet drafts and IEEE papers. He is a guest lecturer in North Carolina State University and a speaker in different network forums.

See other products by Nagendra Kumar Nainar

Yoram Orzach

Yoram Orzach is a senior networks and networks security advisor, providing network design and network security consulting services to a range of clients. Having spent thirty years in network and information security, Yoram has worked as a network and security engineer across many verticals in roles ranging from a network engineer, security consultant, and instructor. Yoram has gained his B.Sc. from the Technion in Haifa, Israel. Yoram's experience is both with corporate networks; service providers and Internet service providers' networks. His customers are Motorola solutions, Elbit Systems, 888, Taboola, Bezeq, PHI Networks, Cellcom, Strauss group, and many other hi-tech companies.

See other products by Yoram Orzach

Yogesh Ramdoss

Yogesh Ramdoss (CCIE #16183) is a senior technical leader in the technical services organization of Cisco Systems. He is a distinguished speaker at CiscoLive, sharing knowledge and educating customers on enterprise/datacenter technologies and platforms, troubleshooting and packet capturing tools, and open network programmability. Co-inventor of patent in machine/behavior learning.

See other products by Yogesh Ramdoss