Packet Analysis with Wireshark
暫譯: 使用 Wireshark 進行封包分析

Anish Nath

  • 出版商: Packt Publishing
  • 出版日期: 2015-11-30
  • 定價: $1,480
  • 售價: 8.0$1,184
  • 語言: 英文
  • 頁數: 172
  • 裝訂: Paperback
  • ISBN: 1785887815
  • ISBN-13: 9781785887819
  • 相關分類: Wireshark
  • 立即出貨 (庫存=1)

買這商品的人也買了...

商品描述

Leverage the power of Wireshark to troubleshoot your networking issues by using effective packet analysis techniques and performing improved protocol analysis

About This Book

  • Gain hands-on experience of troubleshooting errors in TCP/IP and SSL protocols through practical use cases
  • Identify and overcome security flaws in your network to get a deeper insight into security analysis
  • This is a fast-paced book that focuses on quick and effective packet captures through practical examples and exercises

Who This Book Is For

If you are a network or system administrator who wants to effectively capture packets, a security consultant who wants to audit packet flows, or a white hat hacker who wants to view sensitive information and remediate it, this book is for you. This book requires decoding skills and a basic understanding of networking.

What You Will Learn

  • Utilize Wireshark's advanced features to analyze packet captures
  • Locate the vulnerabilities in an application server
  • Get to know more about protocols such as DHCPv6, DHCP, DNS, SNMP, and HTTP with Wireshark
  • Capture network packets with tcpdump and snoop with examples
  • Find out about security aspects such as OS-level ARP scanning
  • Set up 802.11 WLAN captures and discover more about the WAN protocol
  • Enhance your troubleshooting skills by understanding practical TCP/IP handshake and state diagrams

In Detail

Wireshark provides a very useful way to decode an RFC and examine it. The packet captures displayed in Wireshark give you an insight into the security and flaws of different protocols, which will help you perform the security research and protocol debugging.

The book starts by introducing you to various packet analyzers and helping you find out which one best suits your needs. You will learn how to use the command line and the Wireshark GUI to capture packets by employing filters. Moving on, you will acquire knowledge about TCP/IP communication and its use cases. You will then get an understanding of the SSL/TLS flow with Wireshark and tackle the associated problems with it. Next, you will perform analysis on application-related protocols. We follow this with some best practices to analyze wireless traffic. By the end of the book, you will have developed the skills needed for you to identify packets for malicious attacks, intrusions, and other malware attacks.

商品描述(中文翻譯)

利用 Wireshark 的強大功能來排除網路問題,透過有效的封包分析技術和改進的協定分析來達成

本書簡介


  • 透過實際案例獲得 TCP/IP 和 SSL 協定故障排除的實作經驗

  • 識別並克服網路中的安全漏洞,以深入了解安全分析

  • 這是一本快速進行的書籍,專注於透過實際範例和練習進行快速有效的封包擷取

本書適合誰閱讀

如果您是希望有效擷取封包的網路或系統管理員、希望審核封包流的安全顧問,或是希望查看敏感資訊並進行修復的白帽駭客,那麼這本書適合您。本書需要解碼技能和基本的網路知識。

您將學到什麼


  • 利用 Wireshark 的進階功能來分析封包擷取

  • 定位應用伺服器中的漏洞

  • 透過 Wireshark 更深入了解 DHCPv6、DHCP、DNS、SNMP 和 HTTP 等協定

  • 使用 tcpdump 和 snoop 擷取網路封包並提供範例

  • 了解 OS 層級的 ARP 掃描等安全方面

  • 設置 802.11 WLAN 擷取並探索 WAN 協定

  • 透過理解實際的 TCP/IP 握手和狀態圖來提升您的故障排除技能

詳細內容

Wireshark 提供了一種非常有用的方式來解碼 RFC 並進行檢查。Wireshark 顯示的封包擷取讓您深入了解不同協定的安全性和缺陷,這將幫助您進行安全研究和協定除錯。

本書首先介紹各種封包分析器,幫助您找出最適合您需求的工具。您將學習如何使用命令列和 Wireshark GUI 透過使用過濾器來擷取封包。接著,您將獲得有關 TCP/IP 通信及其使用案例的知識。然後,您將了解 SSL/TLS 流程並解決相關問題。接下來,您將對應用相關的協定進行分析。我們隨後將介紹一些分析無線流量的最佳實踐。在本書結束時,您將具備識別惡意攻擊、入侵和其他惡意軟體攻擊的封包所需的技能。