Find your next favorite book

Become a member today and read free for 30 daysStart your free 30 days

Book Information

A Practical Guide Wireshark Forensics

By alasdair gilchrist

Book Actions

Start Reading

Ratings:

Rating: 5 out of 5 stars5/5 (4 ratings)

Length: 46 pages24 minutes

Publisher:: RG Consulting
Released:: Jun 20, 2015
ISBN:: 9781513010519
Format:: Book

Description

A practical guide to capturing and analyzing network traffic using Wireshark.
This book shows real world network traffic analysis and shows the techniques that DevOp teams need to use to detect malicious behavior. Additionally it shows how DevOps can translate packet captures into valuable information by decoding IP packets and detect malicious activity

Book Actions

Start Reading

Book Information

A Practical Guide Wireshark Forensics

By alasdair gilchrist

Ratings:

Rating: 5 out of 5 stars5/5 (4 ratings)

Length: 46 pages24 minutes

Description

Publisher:: RG Consulting
Released:: Jun 20, 2015
ISBN:: 9781513010519
Format:: Book

About the author

alasdair gilchrist

Related authors

Skip carousel

carousel previous carousel next

Related to A Practical Guide Wireshark Forensics

Related Categories

Skip carousel

Book Preview

A Practical Guide Wireshark Forensics - alasdair gilchrist

Workings

A Practical Guide to Wireshark Network Analysis

Wireshark – Practical Analysis and Forensics

What is Wireshark?

How does it work?

Port Mirroring

Downloading Wireshark

Getting Started

Capturing Packets

Color Coding

Filtering Output

Using Wireshark Sample Source Files

Questions

Part A - Ping.pcap

B - Scan.pcap

C – Malicious.pcap

D- portscan.cap

E-deep.cap

Answers with Workings

Wireshark – Practical Analysis and Forensics

––––––––

What is Wireshark?

Wireshark is an open source, network protocol analyzer for Linux and Windows. It has many features as standard such as deep inspection of hundreds of protocols, live capture and offline analysis. Wireshark has an intuitive GUI frontend plus many inbuilt sorting and filtering options making it very simple to use even for beginners. Tshark is the terminal version of Wireshark which is very similar to Tcpdump.

How does it work?

Wireshark works simply by placing the network card on the machine on which it is running into what is called promiscuous mode. In this more of operation the network card will accept any network information not just information specifically addressed to itself, which is the normal mode of operation.

In a hub network, which is rare these days, this will be sufficient as all network traffic will be send out every port on the hub thereby ensuring that the Wireshark network card would receive all traffic traversing the network. Today's modern networks are not hubs though, they are switches, which means only traffic destined for a host station known to be connected on a port is send out that port. This greatly reduces unnecessary traffic on the network. Unfortunately, this means that Wireshark will not receive all the traffic on the network as it will only see traffic exiting the switch, which is destined for its own directly connected network card.

Port Mirroring

The solution to the

You've reached the end of this preview. Sign up to read more!

Start your free trial

Page 1 of 1

Reviews

What people think about A Practical Guide Wireshark Forensics

5.0

Rating: 5 out of 5 stars

4 ratings / 0 reviews

What did you think?

Rating: out of 5 stars

Write a review (optional)

Language

Welcome to Scribd!

Find your next favorite book

Book Information

A Practical Guide Wireshark Forensics

Book Actions

Description

Book Actions

Book Information

A Practical Guide Wireshark Forensics

Description

About the author

Related authors

Related to A Practical Guide Wireshark Forensics

PSD2 - Open Banking for DevOps(Sec)

Concise Guide to DWDM

FinTech Rising: Navigating the maze of US & EU regulations

Concise Guide to OTN optical transport networks

Spreadsheets To Cubes (Advanced Data Analytics for Small Medium Business): Data Science

An Introduction to SDN Intent Based Networking

An Executive Guide to Identity Access Management - 2nd Edition

REST API Design Control and Management

Digital Success: A Holistic Approach to Digital Transformation for Enterprises and Manufacturers

Google Cloud Platform an Architect's Guide

Supply Chain 4.0: From Stocking Shelves to Running the World Fuelled by Industry 4.0

The Certified Ethical Hacker Exam - version 8 (The concise study guide)

Google Cloud Platform for Data Engineering: From Beginner to Data Engineer using Google Cloud Platform

GDPR for DevOp(Sec) - The laws, Controls and solutions

Concise and Simple Guide to IP Subnets

SRS - How to build a Pen Test and Hacking Platform

Tackling Fraud

Thinking Machines

The Layman's Guide GDPR Compliance for Small Medium Business

An Executive Guide Biometrics

A Last Minute Hands-on Guide to GDPR Readiness

Red Herring

A Concise Guide to Object Orientated Programming

An Executive Guide CCPA: The Why, When, Where, What , and Who Guide to the California Consumer Privacy Act -2018

Google Cloud Platform - Networking

Earning a living on the Internet

A Concise Guide to Microservices for Executive (Now for DevOps too!)

Kali Linux Network Scanning Cookbook

GNS3 Network Simulation Guide

The Wireshark Field Guide: Analyzing and Troubleshooting Network Traffic

Mastering Wireshark

An Introduction to SDN Intent Based Networking

INSTANT Kali Linux

Google Cloud Platform an Architect's Guide

The Certified Ethical Hacker Exam - version 8 (The concise study guide)

Wireshark Essentials

Concise Guide to CompTIA Security +

Packet Analysis with Wireshark

Understanding TCP/IP

Kali Linux Cookbook

Wireshark Network Security

Network Analysis Using Wireshark Cookbook

Packet Tracer Network Simulator

Concise and Simple Guide to IP Subnets

Kali Linux – Assuring Security by Penetration Testing

Nmap Essentials

Instant Wireshark Starter

Cisco Packet Tracer for Beginners

Kali Linux Wireless Penetration Testing: Beginner's Guide

UTM Security with Fortinet: Mastering FortiOS

SolarWinds Orion Network Performance Monitor

The Concise Guide to SSL/TLS for DevOps

Getting Started with FortiGate

DNS in Action

Data Networks: Routing, Security, and Performance Optimization

Instant Traffic Analysis with Tshark How-to

Google Cloud Platform - Networking

Heather Land, Comedian and Viral Sensation: Most people know Heather Land from her viral and hilarious "I Ain't Doin' It" videos. But what may surprise you is Heather's journey and her decision to be bold in the midst of a crazy upheaval in her life. Today, Heather and Jessica get deep into...

Weekly Show 410: Broadcast Media Using IP Networks: On today’s Packet Pushers Weekly Show, we discuss how the broadcast media industry leverages IP networks, the initiatives behind the standards and protocols, and why it all matters to data networking professionals.

BTCIOT - bitcoin mesh diary, part 1: To big and ambitious to fit into one tutorial, we explore building a mesh network using the outstanding ESP32 and Espressif's mesh development framework ESP-MDF In this first diary entry, we focus on building a very simple mesh network with broadcast...

Internet Safety for Children: Michael Robb, Research Director with Common Sense Media shares helpful tips and advice on how to help kids thrive in a world of media and technology, all while staying safe online. Tune in on The Bistro.

VMware NSX Edge Gateway & Distributed Firewall with Tim Davis @aldtd: VMware NSX Edge Gateway & Distributed Firewall with Tim Davis @aldtd

Show 366: Inside Cisco EVPN (Sponsored): The Packet Pushers and sponsor Cisco dive into EVPN to explore how it works and find out why it's attracting the attention of enterprises and carriers for use cases such as data center interconnect and Carrier Ethernet.

Internet Trolls & Cancel Culture: This week the girls open up a discussion about internet trolls and cancel culture. They share their opinions about why they believe nobody owes you anything & why it can be a scary place on social media. They share their personal experiences &...

Heather Land, Comedian and Viral Sensation: Most people know Heather Land from her viral and hilarious "I Ain't Doin' It" videos. But what may surprise you is Heather's journey and her decision to be bold in the midst of a crazy upheaval in her life. Today, Heather and Jessica get deep into...

S2 Ep 1: TANYA BURR - Actress & Influencer: Actress and social media powerhouse, with over three million followers on Instagram, Twitter and subscribers on YouTube, Tanya Burr is unstoppable! Inviting us into her stunning home (where Lily has been for many a party!) Tanya explained the challenge...