To effectively capture and analyze traffic, there must be a way to gather the raw traffic from the network, before being processed by the OS. A packet capture or PCap engine provides an API to capture traffic. Wireshark uses one of several capture engines, such as libpcap, WinPCap, AirPCap, and NPCap. Let's begin with libpcap.
- Title Page
- Copyright and Credits
- Dedication
- About Packt
- Contributors
- Preface
- Section 1: Traffic Capture Overview
- Appreciating Traffic Analysis
- Reviewing packet analysis
- Recognizing who benefits from using packet analysis
- Identifying where to use packet analysis
- Outlining when to use packet analysis
- Getting to know Wireshark
- Summary 
- Questions
- Using Wireshark NG
- Installing Wireshark on a PC or macOS
- Exploring the Wireshark Interface
- Section 2: Getting Started with Wireshark
- Tapping into the Data Stream
- Personalizing the Interface
- Using Display and Capture Filters
- Outlining the OSI Model
- Comprehending the OSI model
- Discovering the purpose, protocols, and PDUs
- Exploring the encapsulation process
- Demonstrating frame formation in Wireshark
- Summary
- Questions
- Section 3: The Internet Suite TCP/IP
- Decoding TCP and UDP
- Managing TCP Connections
- Analyzing IPv4 and IPv6
- Discovering ICMP
- Understanding ARP
- Section 4: Working with Packet Captures
- Troubleshooting Latency Issues
- Subsetting, Saving, and Exporting Captures
- Using CloudShark for Packet Analysis
- Assessment
- Chapter 1: Appreciating Traffic Analysis
- Chapter 2: Using Wireshark NG
- Chapter 3: Installing on a PC or macOS
- Chapter 4: Exploring the Wireshark Interface
- Chapter 5: Tapping into the Data Stream
- Chapter 6: Personalizing the Interface
- Chapter 7: Using Display and Capture Filters
- Chapter 8: Outlining the OSI Model
- Chapter 9: Decoding TCP and UDP
- Chapter 10: Managing TCP Connections
- Chapter 11: Analyzing IPv4 and IPv6
- Chapter 12: Discovering ICMP
- Chapter 13: Understanding ARP
- Chapter 14: Troubleshooting Latency Issues
- Chapter 15: Subsetting, Saving, and Exporting Captures
- Chapter 16:Using CloudShark for Packet Analysis
- Other Books You May Enjoy
Comparing different capture engines
-
No Comment
..................Content has been hidden....................
You can't read the all page of ebook, please click here login for view all page.