Chapter 6. Analyzing Network Data Traffic

Chapter Outline

Introduction

6-1 Protocol Analysis/Forensics

6-2 Wireshark Protocol Analyzer

6-3 Analyzing Network Data Traffic

6-4 Filtering

Summary

Questions and Problems

Objectives

• Review the TCP/IP suite of protocols

• Introduce the use of netstat for troubleshooting TCP and UDP connections

• Introduce the use of the Wireshark network protocol analyzer

• Introduce the use of SNMP for gathering statistical information from network devices

• Introduce the use of NetFlow for acquiring IP traffic operational data

• Introduce filtering techniques for analyzing network data traffic

Key Terms

network forensics

Internet sockets

well-known ports

ICANN

registered ports

transport layer protocols

TCP

connection-oriented ...

Get A Practical Guide to Advanced Networking, Third Edition now with the O’Reilly learning platform.