| Description |
1 online resource (1 volume) : illustrations |
| Series |
Community experience distilled |
|
Community experience distilled.
|
| Note |
Includes index. |
| Contents |
""Cover ""; ""Copyright""; ""Credits""; ""About the Author""; ""Acknowledgment""; ""About the Reviewers""; ""www.PacktPub.com""; ""Table of Contents""; ""Preface""; ""Chapter 1: Getting Started with Wireshark � What, Why, and How? ""; ""Sniffing""; ""The purpose of sniffing""; ""Packet analysis""; ""The tools of the trade""; ""What is Wireshark?""; ""The Wireshark interface � Before starting the capture ""; ""Title""; ""Menu""; ""Main toolbar""; ""Filter toolbar""; ""Capture frame""; ""Capture Help""; ""The Files menu""; ""Online""; ""The Status bar""; ""First packet capture"" |
|
SummaryChapter 2 : Tweaking Wireshark -- Filtering our way through Wireshark -- Capture filters -- Display filters -- The list of display filters -- Wireshark profiles -- Creating a new profile -- Essential techniques in Wireshark -- The Summary window -- The Protocol Hierarchy window -- The Conversations window -- The Endpoints window -- The Expert Infos window -- Wireshark command-line fu -- tshark -- Starting the capture -- Saving the capture to a file -- Using filters -- Statistics -- capinfos -- editcap -- mergecap -- Summary |
|
Chapter 3 : Analyzing Threats to LAN SecurityAnalyzing clear-text traffic -- Viewing credentials in Wireshark -- FTP -- Telnet -- HTTP -- TFTP -- Reassembling data stream -- Case study -- Examining sniffing attacks -- MAC flooding -- ARP poisoning -- Analyzing network reconnaissance techniques -- Examining network scanning activities -- Detect the scanning activity for live machines -- Identify port scanning attempts -- Other scanning attempts -- OS fingerprinting attempts -- Detect password cracking attempts -- Brute-force attacks |
|
Identifying POP3 password crackingHTTP basic authentication -- Dictionary-based attacks -- Detecting FTP password cracking -- Miscellaneous attacks -- FTP bounce attack -- DNS zone transfer -- SSL stripping attack -- Complementary tools to Wireshark -- Xplico -- Sysdig -- Pcap2XML -- SSHFlow -- Important display filters -- Filters based on protocols -- DNS -- FTP -- HTTP -- Filters based on unique signatures and regular expressions -- Regular expressions -- Nailing the CTF challenge -- Summary -- Chapter 4 : Probing E-mail Communications |
|
""E-mail forensics challenges""""Challenge 1 � Normal login session""; ""Challenge 2 � Corporate espionage""; ""Analyzing attacks on e-mail communications""; ""Detecting SMTP enumeration""; ""Using an auxiliary module in Metasploit ""; ""Analyzing SMTP relay attack""; ""Important filters""; ""Summary""; ""Chapter 5 : Inspecting Malware Traffic""; ""Gearing up Wireshark""; ""Updated columns""; ""Updated coloring rules""; ""Important display filters""; ""Malicious traffic analysis""; ""Case study � Blackhole exploit kit""; ""Protocols in action""; ""The IP address of the infected box"" |
| Summary |
If you are network administrator or a security analyst with an interest in using Wireshark for security analysis, then this is the book for you. Basic familiarity with common network and application services terms and technologies is assumed. |
| Subject |
Computer networks -- Quality control.
|
|
Network performance (Telecommunication)
|
|
Computer networks -- Security measures -- Computer programs.
|
|
Réseaux d'ordinateurs -- Qualité -- Contrôle. |
|
Performance des réseaux (Télécommunications) |
|
Réseaux d'ordinateurs -- Sécurité -- Mesures -- Logiciels. |
|
Computer networks -- Quality control |
|
Computer networks -- Security measures -- Computer programs |
|
Network performance (Telecommunication) |
| Added Title |
Succinct guide to securely administer your network using Wireshark |
| Other Form: |
Print version: Verma, Piyush. Wireshark network security : a succinct guide to securely administer your network using Wireshark. Birmingham, England ; Mumbai, [India] : Packt Publishing, ©2015 viii, 117 pages 9781784393335 |
| ISBN |
1784399515 |
|
9781784399511 (electronic bk.) |
|
More Resources