Analysis of packages. WireShark and TCPDUMP practical guide to solve real
Please sign in so that we can notify you about a reply
This book is dedicated to the analysis of packages in Wireshark - the most popular network analyzer in the world. Starting from the basics of the organization of networks, the description of the protocols for the exchange of data in them and the methods of connecting to the network to intercept packages, this book explains the methods of identifying at the level of analyzed packages and eliminating various problems that arise in networks, including communication loss, web-adherent analysis, and packages, identifying slow operation of the network, lack of access to the Internet, infection of malicious code, violation of network security. On specific examples from the interception files in the book, it is clearly shown that it gives analysis of packages for diagnosing networks in a variety of scenarios that arise during their operation.
The book is addressed to all those network engineers and system administrators who are interested in analyzing packages for the diagnosis of both wired and wireless networks, regardless of the level of qualifications.
Analyze packages both in wire and wireless networks using Wireshark - the most popular network analyzer in the world - is not at all difficult.
But how, on the basis of the analysis of these packages, find out what really happens on the network?
Having read this third edition of the book, updated according to Wireshark 2.x, you will learn how to understand the intercepted packages and better understand the tasks of the networks that are facing you. In it you will find an additional presentation of the IPV6 and SMTP network protocols, a new chapter dedicated to effective TCPDUMP and TSHARK packages operating in command line mode, as well as an application, which explains how to interpret the data from packages manually using packages of packages.
The main topics of the book
Conducting the current analysis of network traffic in real time and its active interception
Drawing up special filters for interception and display of packages
Analysis of packages to identify and resolve typical problems arising on the network, including communication loss, slow operation of the network and solving issues related to the DNS service
The study of modern sets of exploits (means of exploitation of vulnerabilities) and malicious programs at the package level
Election of files sent over the network from intercepted packages
Construction of graphs from intercepted network traffic for a visual presentation of data flows passing over the network
The use of additional Wireshark tools to understand incomprehensible samples of interception of network traffic
Drawing up statistical and other reports that help better explain technical data to non -specialists
Regardless of the level of your qualifications, this book will help to learn how to use popular network analyzers and with their help to understand the state of any networks and quickly solve problems that arise in them.
About the author
Chris Sanders - consultant, researcher and network security instructor. In addition to this book, he wrote the book Applied Network Security Monitoring. Chris regularly analyzes packages to identify attackers and malicious code on the network
The book is addressed to all those network engineers and system administrators who are interested in analyzing packages for the diagnosis of both wired and wireless networks, regardless of the level of qualifications.
Analyze packages both in wire and wireless networks using Wireshark - the most popular network analyzer in the world - is not at all difficult.
But how, on the basis of the analysis of these packages, find out what really happens on the network?
Having read this third edition of the book, updated according to Wireshark 2.x, you will learn how to understand the intercepted packages and better understand the tasks of the networks that are facing you. In it you will find an additional presentation of the IPV6 and SMTP network protocols, a new chapter dedicated to effective TCPDUMP and TSHARK packages operating in command line mode, as well as an application, which explains how to interpret the data from packages manually using packages of packages.
The main topics of the book
Conducting the current analysis of network traffic in real time and its active interception
Drawing up special filters for interception and display of packages
Analysis of packages to identify and resolve typical problems arising on the network, including communication loss, slow operation of the network and solving issues related to the DNS service
The study of modern sets of exploits (means of exploitation of vulnerabilities) and malicious programs at the package level
Election of files sent over the network from intercepted packages
Construction of graphs from intercepted network traffic for a visual presentation of data flows passing over the network
The use of additional Wireshark tools to understand incomprehensible samples of interception of network traffic
Drawing up statistical and other reports that help better explain technical data to non -specialists
Regardless of the level of your qualifications, this book will help to learn how to use popular network analyzers and with their help to understand the state of any networks and quickly solve problems that arise in them.
About the author
Chris Sanders - consultant, researcher and network security instructor. In addition to this book, he wrote the book Applied Network Security Monitoring. Chris regularly analyzes packages to identify attackers and malicious code on the network
Author:
Author:Sanders Chris Chris
Cover:
Cover:Soft
Category:
- Category:Computer & Technology
Publication language:
Publication Language:Russian
Paper:
Paper:White
ISBN:
ISBN:978-5-6040723-0-1
No reviews found