A quick and easy guide to getting started with network analysis using Wireshark
- Learn something new in an Instant! A short, fast, focused guide delivering immediate results.
- Documents key features and tasks that can be performed using Wireshark
- Covers details of filters, statistical analysis, and other important tasks
- Also includes advanced topics like decoding captured data, name resolution, and reassembling
Wireshark is by far the most popular network traffic analysis tool.
It not only provides an interface for traffic capture but also offers a rich platform for in-depth analysis of that traffic. The GUI is user-friendly and interactive, which simplifies the process of network forensics. This concise book provides a perfect start to getting hands-on with packet analysis using Wireshark.
Wireshark Starter is the perfect guide for new learners who are willing to dive into the world of computer networks. Walking you through from the very start, it transitions smoothly to cover core topics like filters, decoding packets, command line tools, and more. It covers every inch of Wireshark in a concise and comprehensive manner.
Wireshark Starter has been designed keeping basic learners in mind. After initial setup, the book leads you through your first packet capture followed by some core topics like analyzing the captured traffic and understanding filters.
You will then be guided through more detailed topics like the decoding of captured packets, generating graphs based on statistics, and name resolution. Finally, the book concludes by providing information about further references and official sources to learn more about the tool.
Table of Contents
Instant Wireshark Starter
- Instant Wireshark Starter
- About the author
- About the reviewer
1. Instant Wireshark Starter
- So, what is Wireshark?
- Step 1 – what do I need?
- Step 2 – downloading Wireshark
- Step 3 – installing Wireshark
- And that's it!
- Building Wireshark from source
- Installing Wireshark on Unix through binaries
- Installing from RPM
- Setting up the subversion client
Quick start – your first packet capture
- Getting started with network interface selection
- A quick look at the Wireshark GUI
- Wireshark GUI panels
- Capture panel
- Packet details panel
- Packet bytes panel
- Setting up filters
- Working with the Filter Expression dialog box
- Capturing live data
- Understanding the Wireshark coloring scheme
- Working with captured packets
- Searching for packets
- Marking packets
- Saving captured data
- Exporting and merging packets
- Printing packets
- Input/Output graph window
- Copying and saving
- File input/output
- Expert Infos
- Using preferences
Top 5 features you need to know about
- Working with packet streams
- Decoding packets and exporting objects
- Statistics of the captured packets
- Name resolution and packet reassembling
- Wireshark command-line tools
- Wireshark activity
- People and places you should get to know
- Title: Instant Wireshark Starter
- Release date: January 2013
- Publisher(s): Packt Publishing
- ISBN: 9781849695640