Packt+ | Advance your knowledge in tech

You're reading from Network Analysis using Wireshark Cookbook This book will be a massive ally in troubleshooting your network using Wireshark, the world's most popular analyzer. Over 100 practical recipes provide a focus on real-life situations, helping you resolve your own individual issues.

Product type Paperback

Published in Dec 2013

Publisher Packt

ISBN-13 9781849517645

Length 452 pages

Edition 1st Edition

Tools

Wireshark

Concepts

Network Security

Author (1):

Yoram Orzach

View More author details

Table of Contents (17) Chapters

Preface

1. Introducing Wireshark FREE CHAPTER

2. Using Capture Filters

3. Using Display Filters

4. Using Basic Statistics Tools

5. Using Advanced Statistics Tools

6. Using the Expert Infos Window

7. Ethernet, LAN Switching, and Wireless LAN

8. ARP and IP Analysis

9. UDP/TCP Analysis

10. HTTP and DNS

11. Analyzing Enterprise Applications' Behavior

12. SIP, Multimedia, and IP Telephony

13. Troubleshooting Bandwidth and Delay Problems

14. Understanding Network Security

A. Links, Tools, and Reading

Index

TCP resets and why they happen

During a normal operation, TCP will open a connection with SYN signals, and close the connection with FIN signals. One of the characters of TCP is the possibility to close a connection faster due to a problem or just for better efficiency.

In this recipe we will describe these cases, and how to understand exactly what happens, and if it is a regular condition or something went wrong.

Getting ready

Connect Wireshark with a port mirror to the suspected link or server, and start capture. Keep track of every window message you will see on the capture window. TCP resets can be sent in several cases. Some point to the proper working of the protocol, and some suggest a failure or problem. In this recipe, we will get to the reasons for it, and try to point out the problems and how to solve them.