Wireshark for Network Forensics (eBook)
XIX, 271 Seiten
Apress (Verlag)
978-1-4842-9001-9 (ISBN)
With the advent of emerging and complex technologies, traffic capture and analysis play an integral part in the overall IT operation. This book outlines the rich set of advanced features and capabilities of the Wireshark tool, considered by many to be the de-facto Swiss army knife for IT operational activities involving traffic analysis. This open-source tool is available as CLI or GUI. It is designed to capture using different modes, and to leverage the community developed and integrated features, such as filter-based analysis or traffic flow graph view.
You'll start by reviewing the basics of Wireshark, and then examine the details of capturing and analyzing secured application traffic such as SecureDNS, HTTPS, and IPSec. You'll then look closely at the control plane and data plane capture, and study the analysis of wireless technology traffic such as 802.11, which is the common access technology currently used, along with Bluetooth. You'll also learn ways to identify network attacks, malware, covert communications, perform security incident post mortems, and ways to prevent the same.
The book further explains the capture and analysis of secure multimedia traffic, which constitutes around 70% of all overall internet traffic. Wireshark for Network Forensics provides a unique look at cloud and cloud-native architecture-based traffic capture in Kubernetes, Docker-based, AWS, and GCP environments.
What You'll Learn
- Review Wireshark analysis and network forensics
- Study traffic capture and its analytics from mobile devices
- Analyze various access technology and cloud traffic
- Write your own dissector for any new or proprietary packet formats
- Capture secured application traffic for analysis
Who This Book Is For
IT Professionals, Cloud Architects, Infrastructure Administrators, and Network/Cloud Operators
Nagendra Kumar Nainar (CCIE#20987) is a Principal Engineer with Cisco Customer Experience(CX) Organization (Formerly TAC), focusing on Enterprise customers. He is the co-inventor of more than 130 patent applications in different technologies including Virtualization/Container technologies. He is the co-author of multiple Internet RFCs, various Internet drafts and IEEE papers. Nagendra also co-authored multiple technical books with leading publishers such as Cisco Press and Packt Publication. He is a guest lecturer in North Carolina State University and a speaker in different network forums.
With the advent of emerging and complex technologies, traffic capture and analysis play an integral part in the overall IT operation. This book outlines the rich set of advanced features and capabilities of the Wireshark tool, considered by many to be the de-facto Swiss army knife for IT operational activities involving traffic analysis. This open-source tool is available as CLI or GUI. It is designed to capture using different modes, and to leverage the community developed and integrated features, such as filter-based analysis or traffic flow graph view. You'll start by reviewing the basics of Wireshark, and then examine the details of capturing and analyzing secured application traffic such as SecureDNS, HTTPS, and IPSec. You'll then look closely at the control plane and data plane capture, and study the analysis of wireless technology traffic such as 802.11, which is the common access technology currently used, along with Bluetooth. You'll also learn waysto identify network attacks, malware, covert communications, perform security incident post mortems, and ways to prevent the same. The book further explains the capture and analysis of secure multimedia traffic, which constitutes around 70% of all overall internet traffic. Wireshark for Network Forensics provides a unique look at cloud and cloud-native architecture-based traffic capture in Kubernetes, Docker-based, AWS, and GCP environments. What You'll LearnReview Wireshark analysis and network forensicsStudy traffic capture and its analytics from mobile devicesAnalyze various access technology and cloud trafficWrite your own dissector for any new or proprietary packet formatsCapture secured application traffic for analysisWho This Book Is ForIT Professionals, Cloud Architects, Infrastructure Administrators, and Network/Cloud Operators
Erscheint lt. Verlag | 30.12.2022 |
---|---|
Zusatzinfo | XIX, 271 p. 225 illus., 2 illus. in color. |
Sprache | englisch |
Themenwelt | Informatik ► Netzwerke ► Sicherheit / Firewall |
Schlagworte | Cloud and cloudnative wireshark capture • Multimedia capture • Wireshark • Wireshark capture filter • Wireshark decryption |
ISBN-10 | 1-4842-9001-1 / 1484290011 |
ISBN-13 | 978-1-4842-9001-9 / 9781484290019 |
Haben Sie eine Frage zum Produkt? |
Größe: 27,2 MB
DRM: Digitales Wasserzeichen
Dieses eBook enthält ein digitales Wasserzeichen und ist damit für Sie personalisiert. Bei einer missbräuchlichen Weitergabe des eBooks an Dritte ist eine Rückverfolgung an die Quelle möglich.
Dateiformat: PDF (Portable Document Format)
Mit einem festen Seitenlayout eignet sich die PDF besonders für Fachbücher mit Spalten, Tabellen und Abbildungen. Eine PDF kann auf fast allen Geräten angezeigt werden, ist aber für kleine Displays (Smartphone, eReader) nur eingeschränkt geeignet.
Systemvoraussetzungen:
PC/Mac: Mit einem PC oder Mac können Sie dieses eBook lesen. Sie benötigen dafür einen PDF-Viewer - z.B. den Adobe Reader oder Adobe Digital Editions.
eReader: Dieses eBook kann mit (fast) allen eBook-Readern gelesen werden. Mit dem amazon-Kindle ist es aber nicht kompatibel.
Smartphone/Tablet: Egal ob Apple oder Android, dieses eBook können Sie lesen. Sie benötigen dafür einen PDF-Viewer - z.B. die kostenlose Adobe Digital Editions-App.
Buying eBooks from abroad
For tax law reasons we can sell eBooks just within Germany and Switzerland. Regrettably we cannot fulfill eBook-orders from other countries.
aus dem Bereich