Wireshark & Ethereal Network Protocol Analyzer Toolkit, Jay Beale's Open Source Security Series
- 7h 30m
- Angela Orebaugh
- Elsevier Science and Technology Books, Inc.
- 2007
If you are looking for a comprehensive guide to help you unleash the powers of Wireshark, you’ve come to the right place. Wireshark is the best open-source network analyzer available. It is packed with features comparable to commercial network analyzers, and with a large, diverse collection of authors, new enhancements are continually developed. Wireshark is a stable and useful component for all network toolkits, and new features and bug fixes are always being developed. A lot of progress has been made since the early days of Wireshark (when it was still called Ethereal); the application now performs comparably to (and in some regards better than) commercial sniffing software.
- Use Wireshark in Your Existing Network Architecture - The correct placement of Wireshark in your network architecture is critical to capture the data you need.
- Secure and Optimize Wireshark - Capture packets using the appropriate security privileges; analyze packets with the least privilege possible.
- Install on Windows, Linux, Mac OS X, or from Source Code - Complete instructions on downloading binary packages and source.
- Write Display Filters - Use keywords for comparing host names and addresses, hardware addresses, ports, and protocols.
- Write Capture Filters - Capture filters operate quickly and are good for limiting the number of packets captured by Wireshark.
- Analyze Real-World Packet Captures - Read the captures and learn what to look for and how to identify various types of network traffic.
- Master Wireless Sniffing - Wireshark has sophisticated wireless protocol analysis support to help administrators troubleshoot wireless networks.
- Optimize Wireshark’s Accompanying Programs - Including TShark, editcap, mergecap, text2pcap, capinfos, dumpcap.
About the Author
Angela Orebaugh is an industry-recognized security technology visionary and scientist, with over 12 years of hands-on experience. She currently performs leading-edge security consulting and works in research and development to advance the state of the art in information systems security. Angela currently participates in several security initiatives for the National Institute of Standards and Technology (NIST). She is the lead scientist for the National Vulnerability Database and author of several NIST Special Publications on security technologies. Angela has over a decade of experience in information technology, with a focus on perimeter defense, secure network design, vulnerability discovery, penetration testing, and intrusion detection systems. She has a Master's in Computer Science and is currently pursuing her Ph.D. with a concentration in Information Security at George Mason University. Angela is the author of the Syngress best seller Ethereal Packet Sniffing (ISBN: 1932266828). She has also co-authored the Snort Cookbook and Intrusion Prevention and Active Response: Deploying Network and Host IPS (Syngress, ISBN: 193226647X). Angela is a researcher, writer, and speaker for SANS Institute and faculty for The Institute for Applied Network Security and George Mason University. Angela has a wealth of knowledge from industry, academia, and government from her consulting experience with prominent Fortune 500 companies, the Department of Defense, dot-com startups, and universities. She is a frequently invited speaker at a variety of conferences and security events.
In this Book
- Wireshark & Ethereal Network Protocol Analyzer Toolkit, Jay Beale's Open Source Security Series
- Introducing Network Analysis
- Introducing Wireshark: Network Protocol Analyzer
- Getting and Installing Wireshark
- Using Wireshark
- Filters
- Wireless Sniffing with Wireshark
- Real World Packet Captures
- Developing Wireshark
- Other Programs Packaged with Wireshark