Wireshark Fundamentals: A Network Engineer's Handbook to Analyzing Network Traffic
Vinit Jain
Résumé
Understand the fundamentals of the Wireshark tool that is key for network engineers and network security analysts. This book explains how the Wireshark tool can be used to analyze network traffic and teaches you network protocols and features.
Author Vinit Jain walks you through the use of Wireshark to analyze network traffic by expanding each section of a header and examining its value. Performing packet capture and analyzing network traffic can be a complex, time-consuming, and tedious task. With the help of this book, you will use the Wireshark tool to its full potential. You will be able to build a strong foundation and know how Layer 2, 3, and 4 traffic behave, how various routing protocols and the Overlay Protocol function, and you will become familiar with their packet structure.
Troubleshooting engineers will learn how to analyze traffic and identify issues in the network related to packet loss, bursty traffic, voice quality issues, etc. The book will help you understand the challenges faced in any network environment and how packet capture tools can be used to identify and isolate those issues.
This hands-on guide teaches you how to perform various lab tasks. By the end of the book, you will have in-depth knowledge of the Wireshark tool and its features, including filtering and traffic analysis through graphs. You will know how to analyze traffic, find patterns of offending traffic, and secure your network.
What You Will Learn
- Understand the architecture of Wireshark on different operating systems
- Analyze Layer 2 and 3 traffic frames
- Analyze routing protocol traffic
- Troubleshoot using Wireshark Graphs
Who This Book Is For
Network engineers, security specialists, technical support engineers, consultants, and cyber security engineers
Chapter 1: Introduction to Wireshark
Chapter Goal: The goal of the chapter is to help the readers understand the need for Wireshark tool and what are the various ways to install the tool on different operating systems.
No of pages 20-30
Sub -Topics
1. Introduction to Network Traffic Analysis
a. Network Sniffing
2. Wireshark
a. Installing Wireshark
3. Setting up Port Mirroring
a. SPAN on Cisco IOS/IOS-XE
b. SPAN on Cisco Nexus
c. Enabling Port Mirroring on Arista EOS
d. Enabling Port Mirroring on JunOS
Chapter 2: Getting Familiar with Wireshark
Chapter Goal: The goal of this chapter is to familiarize the readers with the wireshark tools, its capabilities and how it can be used in different scenarios.
No of pages : 40-50
Sub - Topics
1. Overview of Wireshark Tool
a. Wireshark Preferences
2. Performing Packet Capture
a. Dissectors
b. Configuration Profiles
c. Filtering with Wireshark
3. Wireshark Capture Files
a. PCAP vs. PCAPng
b. Splitting Packet Captures into multiple files
c. Merging multiple capture files
4. Analyzing packets in Wireshark
a. OSI Model
b. Analyzing packets
Chapter 3: Analyzing Layer-2 and Layer-3 Traffic
Chapter Goal: The goal of this chapter is to familiarize the readers how to analyze layer-2 and layer-3 traffic and the various fields that one needs to look at when analyzing network traffic.
No of pages : 60-70
Sub - Topics
1. Layer-2 Frames
a. Ethernet Frames
2. Layer-3 Packets
a. Address Resolution Protocol
b. IPv4 Packets
c. IPv6 Packets
3. Analyzing QoS Markings
Chapter 4: Analyzing Layer-4 Traffic
Chapter Goal: Goal of this chapter is to help the readers how to analyze TCP and UDP traffic streams and how to identify packet loss issues
No of pages : 40-50
Sub - Topics:
1. Understanding TCP/IP Model
a. Problem of Ownership
2. Transmission Control Protocol
a. TCP Flags
b. TCP 3-way Handshake
c. Port Scanning
d. Investigating Packet Loss
e. Troubleshooting with Wireshark Graphs
f. TCP Expert
3. User Datagram Protocol
Chapter 5: Analyzing Routing Protocol Traffic
Chapter Goal: Goal of this chapter is to help the readers get familiar with various routing protocol packet formats and to identify any possible issues with those protocols
No of pages : 40-50
Sub - Topics:
1. Routing Protocols
1. OSPF
2. EIGRP
3. BGP
4. PIM
2. Analyzing Overlay Traffic
1. GRE
2. IPSEC
3. LISP
4. VXLAN
Vinit is a speaker at various networking forums, including Cisco Live events, NANOG, and CHINOG. He has co-authored several Cisco Press books and video courses with Cisco Press. Vinit holds a Bachelor of Arts degree in Mathematics from Delhi University and also holds a Master of Science in Information Technology. Apart from CCIE, he also holds multiple certifications in programming, database, and system administration and is also a Certified Ethical Hacker. Vinit can be found on twitter @vinugenie.
Caractéristiques techniques
| PAPIER | |
| Éditeur(s) | Apress |
| Auteur(s) | Vinit Jain |
| Parution | 03/03/2022 |
| Nb. de pages | 257 |
| EAN13 | 9781484280010 |
Avantages Eyrolles.com
Consultez aussi
- Les meilleures ventes en Graphisme & Photo
- Les meilleures ventes en Informatique
- Les meilleures ventes en Construction
- Les meilleures ventes en Entreprise & Droit
- Les meilleures ventes en Sciences
- Les meilleures ventes en Littérature
- Les meilleures ventes en Arts & Loisirs
- Les meilleures ventes en Vie pratique
- Les meilleures ventes en Voyage et Tourisme
- Les meilleures ventes en BD et Jeunesse
