Wireshark Fundamentals: A Network Engineer's Handbook to Analyzing Network Traffic

Jain, Vinit

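  • Publisher: Apress
  • Publication date: 2022-03-04
  • List price: $2,080
  • VIP price: $1,976 (5% off)
  • Language: English
  • Pages: 276
  • Binding: Quality Paper - also called trade paper
  • ISBN: 1484280016
  • ISBN-13: 9781484280010
  • Related categories: Wireshark
  • Overseas purchase-on-demand book (requires separate checkout)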

Product description

Chapter 1: Introduction to Wireshark

Chapter Goal: The goal of this chapter is to help readers understand the need for the Wireshark tool and the various ways to install it on different operating systems.

No of pages: 20-30

Sub - Topics

1. Introduction to Network Traffic Analysis

a. Network Sniffing

2. Wireshark

a. Installing Wireshark

3. Setting up Port Mirroring

a. SPAN on Cisco IOS/IOS-XE

b. SPAN on Cisco Nexus

c. Enabling Port Mirroring on Arista EOS

d. Enabling Port Mirroring on JunOS

Chapter 2: Getting Familiar with Wireshark

Chapter Goal: The goal of this chapter is to familiarize readers with the Wireshark tool, its capabilities, and how it can be used in different scenarios.

No of pages: 40-50

Sub - Topics

1. Overview of Wireshark Tool

a. Wireshark Preferences

2. Performing Packet Capture

a. Dissectors

b. Configuration Profiles

c. Filtering with Wireshark

3. Wireshark Capture Files

a. PCAP vs. PCAPng

b. Splitting Packet Captures into multiple files

c. Merging multiple capture files

4. Analyzing packets in Wireshark

a. OSI Model

b. Analyzing packets

Chapter 3: Analyzing Layer-2 and Layer-3 Traffic

Chapter Goal: The goal of this chapter is to familiarize readers with how to analyze Layer-2 and Layer-3 traffic and the various fields to examine when analyzing network traffic.

No of pages: 60-70

Sub - Topics

1. Layer-2 Frames

a. Ethernet Frames

2. Layer-3 Packets

a. Address Resolution Protocol

b. IPv4 Packets

c. IPv6 Packets

3. Analyzing QoS Markings

Chapter 4: Analyzing Layer-4 Traffic

Chapter Goal: The goal of this chapter is to help readers analyze TCP and UDP traffic streams and identify packet loss issues.

No of pages: 40-50

Sub - Topics

1. Understanding TCP/IP Model

a. Problem of Ownership

2. Transmission Control Protocol

a. TCP Flags

b. TCP 3-way Handshake

c. Port Scanning

d. Investigating Packet Loss

e. Troubleshooting with Wireshark Graphs

f. TCP Expert

3. User Datagram Protocol

Chapter 5: Analyzing Routing Protocol Traffic

Chapter Goal: The goal of this chapter is to help readers get familiar with various routing protocol packet formats and identify any possible issues with those protocols.

No of pages: 40-50

Sub - Topics

1. Routing Protocols

1. OSPF

2. EIGRP

3. BGP

4. PIM

2. Analyzing Overlay Traffic

1. GRE

2. 
