Table of Contents (259 chapters)
- Cover
- Copyright Information
- Credits
- Preface
- Part 1. Module 1
- Chapter 1. Getting Acquainted with Wireshark
- Installing Wireshark
- Performing your first packet capture
- Summary
- Chapter 2. Networking for Packet Analysts
- The OSI model – why it matters
- IP networks and subnets
- Switching and routing packets
- WAN links
- Wireless networking
- Summary
- Chapter 3. Capturing All the Right Packets
- Picking the best capture point
- Test Access Ports and switch port mirroring
- Capturing interfaces, filters, and options
- Verifying a good capture
- Saving the bulk capture file
- Isolating conversations of interest
- Using the Conversations window
- Wireshark display filters
- Filter Expression Buttons
- Following TCP/UDP/SSL streams
- Marking and ignoring packets
- Saving the filtered traffic
- Summary
- Chapter 4. Configuring Wireshark
- Working with packet timestamps
- Colorization and coloring rules
- Wireshark preferences
- Wireshark profiles
- Summary
- Chapter 5. Network Protocols
- The OSI and DARPA reference models
- Transport layer protocols
- Application layer protocols
- Summary
- Chapter 6. Troubleshooting and Performance Analysis
- Troubleshooting methodology
- Troubleshooting connectivity issues
- Troubleshooting functional issues
- Performance analysis methodology
- Summary
- Chapter 7. Packet Analysis for Security Tasks
- Security analysis methodology
- Security assessment tools
- Identifying unacceptable or suspicious traffic
- Scans and sweeps
- OS fingerprinting
- Malformed packets
- Phone home traffic
- Password-cracking traffic
- Unusual traffic
- Summary
- Chapter 8. Command-line and Other Utilities
- Wireshark command-line utilities
- Capturing traffic with Dumpcap
- Capturing traffic with Tshark
- Editing trace files with Editcap
- Merging trace files with Mergecap
- Other helpful tools
- Summary
- Part 2. Module 2
- Chapter 1. Introducing Wireshark
- Introduction
- Locating Wireshark
- Starting the capture of data
- Configuring the start window
- Using time values and summaries
- Configuring coloring rules and navigation techniques
- Saving, printing, and exporting data
- Configuring the user interface in the Preferences menu
- Configuring protocol preferences
- Chapter 2. Using Capture Filters
- Introduction
- Configuring capture filters
- Configuring Ethernet filters
- Configuring host and network filters
- Configuring TCP/UDP and port filters
- Configuring compound filters
- Configuring byte offset and payload matching filters
- Chapter 3. Using Display Filters
- Introduction
- Configuring display filters
- Configuring Ethernet, ARP, host, and network filters
- Configuring TCP/UDP filters
- Configuring specific protocol filters
- Configuring substring operator filters
- Configuring macros
- Chapter 4. Using Basic Statistics Tools
- Introduction
- Using the Summary tool from the Statistics menu
- Using the Protocol Hierarchy tool from the Statistics menu
- Using the Conversations tool from the Statistics menu
- Using the Endpoints tool from the Statistics menu
- Using the HTTP tool from the Statistics menu
- Configuring Flow Graph for viewing TCP flows
- Creating IP-based statistics
- Chapter 5. Using Advanced Statistics Tools
- Introduction
- Configuring IO Graphs with filters for measuring network performance issues
- Throughput measurements with IO Graph
- Advanced IO Graph configurations with advanced Y-Axis parameters
- Getting information through TCP stream graphs – the Time-Sequence (Stevens) window
- Getting information through TCP stream graphs – the Time-Sequence (tcp-trace) window
- Getting information through TCP stream graphs – the Throughput Graph window
- Getting information through TCP stream graphs – the Round Trip Time window
- Getting information through TCP stream graphs – the Window Scaling Graph window
- Chapter 6. Using the Expert Infos Window
- Introduction
- The Expert Infos window and how to use it for network troubleshooting
- Error events and understanding them
- Warning events and understanding them
- Notes events and understanding them
- Chapter 7. Ethernet LAN Switching and Wireless LAN
- Introduction
- Discovering broadcast and error storms
- Analyzing Spanning Tree Protocols
- Analyzing VLANs and VLAN tagging issues
- Analyzing wireless (Wi-Fi) problems
- Chapter 8. ARP and IP Analysis
- Introduction
- Analyzing connectivity problems with ARP
- Using IP traffic analysis tools
- Using GeoIP to look up physical locations of the IP address
- Finding fragmentation problems
- Analyzing routing problems
- Finding duplicate IPs
- Analyzing DHCP problems
- Chapter 9. UDP/TCP Analysis
- Introduction
- Configuring TCP and UDP preferences for troubleshooting
- TCP connection problems
- TCP retransmission – where do they come from and why
- Duplicate ACKs and fast retransmissions
- TCP out-of-order packet events
- TCP Zero Window, Window Full, Window Change, and other Window indicators
- TCP resets and why they happen
- Chapter 10. HTTP and DNS
- Introduction
- Filtering DNS traffic
- Analyzing regular DNS operations
- Analysing DNS problems
- Filtering HTTP traffic
- Configuring HTTP preferences
- Analyzing HTTP problems
- Exporting HTTP objects
- HTTP flow analysis and the Follow TCP Stream window
- Analyzing HTTPS traffic – SSL/TLS basics
- Chapter 11. Analyzing Enterprise Applications' Behavior
- Introduction
- Finding out what is running over your network
- Analyzing FTP problems
- Analyzing e-mail traffic and troubleshooting e-mail problems – POP, IMAP, and SMTP
- Analyzing MS-TS and Citrix communications problems
- Analyzing problems in the NetBIOS protocols
- Analyzing database traffic and common problems
- Chapter 12. SIP, Multimedia, and IP Telephony
- Introduction
- Using Wireshark's features for telephony and multimedia analysis
- Analyzing SIP connectivity
- Analyzing RTP/RTCP connectivity
- Troubleshooting scenarios for video and surveillance applications
- Troubleshooting scenarios for IPTV applications
- Troubleshooting scenarios for video conferencing applications
- Troubleshooting RTSP
- Chapter 13. Troubleshooting Bandwidth and Delay Problems
- Introduction
- Measuring total bandwidth on a communication link
- Measuring bandwidth and throughput per user and per application over a network connection
- Monitoring jitter and delay using Wireshark
- Discovering delay/jitter-related application problems
- Chapter 14. Understanding Network Security
- Introduction
- Discovering unusual traffic patterns
- Discovering MAC- and ARP-based attacks
- Discovering ICMP and TCP SYN/Port scans
- Discovering DoS and DDoS attacks
- Locating smart TCP attacks
- Discovering brute-force and application attacks
- Appendix A. Links, Tools, and Reading
- Useful Wireshark links
- tcpdump
- Some additional tools
- Network analysers
- Interesting websites
- Books
- Part 3. Module 3
- Chapter 1. Welcome to the World of Packet Analysis with Wireshark
- Introduction to Wireshark
- A brief overview of the TCP/IP model
- The layers in the TCP/IP model
- An introduction to packet analysis with Wireshark
- Capturing methodologies
- Summary
- Practice questions
- Chapter 2. Filtering Our Way in Wireshark
- An introduction to filters
- Capture filters
- Display filters
- Searching for packets using the Find dialog
- Create new Wireshark profiles
- Summary
- Practice questions
- Chapter 3. Mastering the Advanced Features of Wireshark
- The Statistics menu
- Conversations
- Endpoints
- Working with IO Flow and TCP stream graphs
- IO graphs
- Flow graphs
- TCP stream graphs
- Follow TCP streams
- Expert Infos
- Command Line-fu
- Summary
- Exercise
- Chapter 4. Inspecting Application Layer Protocols
- Domain name system
- File transfer protocol
- Hyper Text Transfer Protocol
- Simple Mail Transfer Protocol
- Summary
- Practice questions
- Chapter 5. Analyzing Transport Layer Protocols
- The transmission control protocol
- The User Datagram Protocol
- Summary
- Practice questions
- Chapter 6. Analyzing Traffic in Thin Air
- Understanding IEEE 802.11
- Usual and unusual WEP – open/shared key communication
- Decrypting WEP and WPA traffic
- Summary
- Practice questions
- Chapter 7. Network Security Analysis
- Information gathering
- ARP poisoning
- Analyzing brute force attacks
- Summary
- Practice questions
- Chapter 8. Troubleshooting
- Recovery features
- Summary
- Practice questions
- Chapter 9. Introduction to Wireshark v2
- The intelligent scroll bar
- Translation
- Graph improvements
- TCP streams
- USBPcap
- Summary
- Practice questions
- Bibliography
- Index

Updated: 2021-07-02 21:23:29