Mastering Wireshark 3: Take network analysis and network forensics with Wireshark a step further and detect threat intrusion, 2nd Edition

Mastering Wireshark 3: Take network analysis and network forensics with Wireshark a step further and detect threat intrusion, 2nd Edition

English | MP4 | AVC 1920×1080 | AAC 48KHz 2ch | 3h 41m | 840 MB

Step up your network analysis and network forensics skills with Wireshark

Mastering Wireshark 3 (2nd Edition) will help you gain expertise in securing your network. As you progress through the course, you will discover different and important ways to create, use, capture, and display filters.

Learn to master Wireshark’s features, analyze different layers of your network protocol, and search for abnormality in your network traffic. The course focuses on packet analysis for security tasks, command-line utilities, and tools that manage trace files.

You will delve into analyzing applications aimed primarily at web browsing; master commands that can also be set up and configured to run from the command prompt; and learn to use the new feature in Cisco routers and switches to capture packets directly from devices and mirror (SPAN) ports. Lastly, you’ll learn to expand upon the capabilities and functions of Wireshark plugins and APIs and build on your Python skills by using PyShark to modify how Wireshark captures and filters packets.

By the end of this course, you’ll have learned to customize Wireshark in-depth for network security analysis using commonly used protocols and to configure it effectively for troubleshooting and daily monitoring purposes.

What You Will Learn

  • Understand how to use Wireshark to help troubleshoot dropped packets, latency issues, and malicious activity on your network
  • Learn to capture and analyze network traffic to understand what is happening on your network.
  • Troubleshoot network problems by analyzing network latency, performance, and availability. Detect, diagnose, and resolve network performance issues.
  • Examine security issues to protect your network from malicious code and network vulnerabilities.
  • Verify network communications to analyze your network strength and connections and ensure good network quality.
  • Analyze network protocols to capture data for further analysis and understand of the technical means necessary packets.
  • Analyze application protocols to troubleshoot network problems and use them to examine security problems.
  • Expand Wireshark’s capabilities and functions with plugins and APIs.
  • Use PyShark to modify how Wireshark captures and filters packets.
Table of Contents

Customization of Wireshark
1 The Course Overview
2 Installation and Customization
3 Preferences and Profiles
4 Overview of GUI
5 Colorizing Traffic
6 Wireshark Requirements and Platforms

Using Wireshark for Capturing and Examining Traffic
7 Sources of Packet Captures
8 Capturing Packets
9 View Settings and Saving Packet Captures
10 Capture Filters
11 Time Values and Summaries
12 Trace File Statistics
13 Expert System Usage

Examining and Analyzing Traffic Analysis
14 Display Filters
15 Display Filter Macros
16 Display Filter Expression
17 Conversation Filter
18 Exporting Captures

Analyzing Network Protocols
19 Follow Protocol Streams
20 Reviewing Statistics
21 Telephony and Wireless
22 UDP Overview and Analysis
23 TCP Overview and Analysis
24 Graph I O Rates and TCP Trends

Analyzing Application Protocols
25 DHCP Analysis
26 HTTP Analysis
27 FTP Analysis
28 VoIP Analysis
29 Sample Traffic Captures

Wireshark Command-Line Tools
30 Why Use the Command-Line
31 Wireshark from Command-Line
32 Running TShark
33 Running Dumpcap
34 Running TShark with PowerShell

Expanding and Troubleshooting Wireshark
35 Choosing What to Capture
36 Capture Scenario
37 Analyzing Scenario Traffic
38 Capturing Options
39 Optional Plugins

Expanding Wireshark
40 Using Mirror (SPAN) Ports on Cisco Devices
41 Prerequisites for Cisco Packet Capture
42 Using Cisco Packet Capture
43 Wireshark Plugins and API
44 Analyzing Networking Traffic Using the PyShark Library