Preface

Almost every device around you is connected to some other device over a network with the motive of sharing information or supporting other devices. With this small picture in your mind, what do you think is the most critical part of a network? Obviously, the channel isn't.

This book is written from the standpoint of using Wireshark to understand and troubleshoot commonly seen network anomalies. It can be the start of your journey into the world of networks/traffic/packet analysis. You can be the savior of your generation or the superhero of your team who helps people with connectivity issues, network administration, computer forensics, and so on. If your routine job requires dealing with computer networks, then this book can give you a strong head start. As the tagline says, "From 0 to 1337"; that is, we will start from the basics and gradually move on to the advanced concepts too.

I have tried to cover the most common scenarios that you could come across while troubleshooting, along with hands-on practical cases that can help you understand the concepts better. By mastering packet analysis, you will learn how to troubleshoot all the way down to the bare wires. This will teach you to make sense of the data flowing around. In this book, you will find very interesting sections, such as troubleshooting slow networks, analyzing packets over Wi-Fi, malware analysis, and, not to forget, the latest features introduced in Wireshark 2.0. Happy troubleshooting!

What this book covers

Chapter 1, Welcome to the World of Packet Analysis with Wireshark, provides you with an introduction to the basics of the TCP/IP model and familiarizes you with the GUI of Wireshark along with a sample packet capture. Here, you will learn how to set up network sniffers for analysis purposes.

Chapter 2, Filtering Our Way in Wireshark, talks about the different filtering options available in Wireshark, namely capture and display filters, and how to create and use different profiles. Make yourself comfortable with the rich interface of Wireshark and start capturing exactly what you want.

Chapter 3, Mastering the Advanced Features in Wireshark, helps you look under the hood of the statistics menu in Wireshark and work with the different command-line utilities that come prepackaged with Wireshark. You will also learn how to prepare graphs, charts, packet flow diagrams, and most important of all, how to become a command-line fu master.

Chapter 4, Inspecting Application Layer Protocols, helps you understand and analyze the normal and unusual behavior of application-layer protocols. Here, we will briefly discuss the techniques you can use to understand the cause. We all are aware of the basics, but have you ever thought how common application-layer protocol traffic can go crazy? In this chapter, you will learn how to deal with them.

Chapter 5, Analyzing Transport Layer Protocols, shows how TCP and UDP protocols work, how they communicate, what problems they face, and how Wireshark can be used to analyze them. Make yourself a transport-layer doctor who can easily figure out common anomalies and prove themselves worthy.

Chapter 6, Analyzing Traffic in Thin Air, shows you how to analyze wireless traffic and pinpoint any problems that may follow. We will dive into the new world of wireless protocol analysis, where you can become a Wi-Fi ninja.

Chapter 7, Network Security Analysis, shows you how to use Wireshark to analyze network security issues, such as malware traffic, intrusion, and footprinting attempts. In this chapter, you will learn how to figure out security anomalies, catch the hackers red-handed and make them cry like a baby, and experience how to solve CTF challenges.

Chapter 8, Troubleshooting, teaches you how to configure and use Wireshark to perform network troubleshooting. Here, you will master the art of troubleshooting network issues such as slow networks. You will also learn how to troubleshoot networking problems with the most common daily-life examples.

Chapter 9, Introduction to Wireshark v2, shows you the amazing features launched in the latest release of Wireshark with practical examples, such as USBpcap, intelligent scrollbar, new graphs, and much more.
