


It’s easy to capture packets with Wireshark, the world’s most popular network sniffer, whether off the wire or from the air. But how do you use those packets to understand what’s happening on your network? Updated to cover Wireshark 2.x, the third edition of Practical Packet Analysis will teach you to make sense of your packet captures so that you can better troubleshoot network problems. You’ll find added coverage of IPv6 and SMTP, a new chapter on the powerful command line packet analyzers tcpdump and TShark, and an appendix on how to read and reference packet values using a packet map.

I’ve been using Wireshark since the Ethereal days and am no stranger to packet analysis – as we network janitors know, it’s sometimes the best way to discover and solve problems. I was struck, however, by how much I didn’t know about Wireshark. On multiple occasions, I caught myself saying, “Really? I didn’t know you could do that!”

The book is divided into four general sections. The first section (chapters 1 and 2) describes network sniffing, how it can be done and why it should be done. These two chapters provide a basis for engineers to capture packets to do analysis, which is often overlooked in the real world. After all, if you don’t have visibility into a network, it becomes more difficult to troubleshoot and provide security.

The second section (chapters 3–5) discusses Wireshark in detail. This content is as valuable as it is humorous. Sanders does an excellent job keeping the text lively, when it’s really just about 1’s and 0’s inside headers.

The third section (chapters 6–7) is my favorite. Discussing wire tapping is exciting, showing wire captures explains plenty, but understanding the protocols themselves is the can’t-live-without piece that ties everything together.

The fourth and final section (chapters 8–11) is where Sanders really earns his keep. This is the part where the practical applications and problems are described, detailed and discussed… from troubleshooting to security to wireless.

If it isn’t apparent already, I really enjoyed this book. Any book that talks about how a protocol works, ties it to real-life troubleshooting and security scenarios and then seals the deal with using a tool is a winner in my book (pun intended).
