Wireshark深度解析：从入门到专家必备

4星 · 超过85%的资源需积分: 9 195 浏览量更新于2024-07-20 1 收藏 24.07MB PDF 举报

《精通Wireshark》是一本深入解析网络分析工具Wireshark的实用指南，作者Charit Mishra是一位经验丰富的网络安全顾问和渗透测试员。这本书适合对网络协议、数据包分析和网络安全感兴趣的读者，无论你是初学者还是希望提升专业技能的专家。书中首先从欢迎读者进入网络包分析的世界开始，介绍Wireshark的基本概念，包括TCP/IP模型及其各层功能，以及如何通过Wireshark进行包分析。作者解释了Wireshark的工作原理，涵盖了不同的捕捉方法，如在hub基础架构和switched环境下的操作，以及如何处理ARP欺骗等问题。使用Wireshark的原因在于其强大的捕获和过滤功能，可以帮助用户深入了解网络流量。第二章着重于Wireshark的过滤系统，包括捕获过滤器（Capture Filters）和显示过滤器（Display Filters）。捕获过滤器用于设置特定的条件来筛选出感兴趣的数据包，而显示过滤器则帮助用户在捕获的数据集中进一步精细化分析。书中还提供了实例，教读者如何编写和应用这些过滤器，以便更有效地进行数据包搜索和分析。后续章节分别讲解如何分析应用层和传输层协议，以及在无线环境中解密加密流量。随着读者深入学习，Wireshark的高级特性和网络安全分析技巧被逐步揭示，包括如何利用Wireshark进行网络监控、检测恶意软件和排查网络问题。此外，书中的内容也涵盖了如何解决网络延迟和瓶颈问题，以及对Wireshark 2版本的介绍。作为一位实战专家，Charit Mishra不仅提供了理论知识，还结合自身的行业经验和认证（如OSCP、CEH等）分享了实用技巧。书中还包含了丰富的实践练习题，帮助读者巩固所学并提升实际操作能力。《精通Wireshark》是一本全面且深入的教材，无论是初次接触Wireshark的用户还是希望提升网络分析技能的专业人员，都能从中收获宝贵的知识和实践经验。通过本书，读者将能够掌握Wireshark的安装、界面理解、过滤技术、协议分析、安全监控和故障排除等多个关键技能。

Whatthisbookcovers
Chapter1,WelcometotheWorldofPacketAnalysiswithWireshark,providesyouan
introductiontothebasicsoftheTCP/IPmodelandfamiliarizesyouwiththeGUIof
Wiresharkalongwithasamplepacketcapture.Here,youwilllearnhowtosetupnetwork
sniffersforanalysispurpose.
Chapter2,FilteringOurWayinWireshark,talksaboutdifferentfilteringoptionsavailable
inWireshark,namelycaptureanddisplayfilters,andhowtocreateandusedifferent
profiles.MakeyourselfcomfortablewiththerichinterfaceofWiresharkandstart
capturingwhatyouexactlywantto.
Chapter3,MasteringtheAdvancedFeaturesinWireshark,helpsyoulookunderthehood
ofthestatisticsmenuinWiresharkandworkwiththedifferentcommand-lineutilitiesthat
comeprepackagedwithWireshark.Youwillalsolearnhowtopreparegraphs,charts,
packetflowdiagrams,andmostimportantofall,howtobecomeacommand-linefu
master.
Chapter4,InspectingApplicationLayerProtocols,helpsyouunderstandandanalyzethe
normalandunusualbehaviorofapplication-layerprotocols.Here,wewillbrieflydiscuss
thetechniquesyoucanusetounderstandthecause.Weallareawareofthebasics,but
haveyoueverthoughthowcommonapplication-layerprotocoltrafficcangocrazy?In
thischapter,youwilllearnhowtodealwiththem.
Chapter5,AnalyzingTransportLayerProtocols,showshowTCPandUDPprotocols
work,howtheycommunicate,whatproblemstheyface,andhowWiresharkcanbeused
toanalyzethem.Makeyourselfatransport-layerdoctorwhocaneasilyfigureout
commonanomaliesandprovethemselvesworthy.
Chapter6,AnalyzingTrafficinThinAir,showsyouhowtoanalyzewirelesstrafficand
pinpointanyproblemsthatmayfollow.Wewilldiveintothenewworldofwireless
protocolanalysis,whereyoucanbecomeaWi-Fininja.
Chapter7,NetworkSecurityAnalysis,showsyouhowtouseWiresharktoanalyze
networksecurityissues,suchasmalwaretraffic,intrusion,andfootprintingattempts.In
thischapter,youwilllearnhowtofigureoutsecurityanomalies,catchthehackersred
handedandmakethemcrylikeababy,andexperiencehowtosolveCTFchallenges.
Chapter8,Troubleshooting,teachesyouhowtoconfigureanduseWiresharktoperform
networktroubleshooting.Here,youwillmastertheartoftroubleshootingnetworkissues
suchasslownetworks.Youwillalsolearnhowtotroubleshootnetworkingproblemswith
themostcommondaily-lifeexamples.
Chapter9,IntroductiontoWiresharkv2,showsyoutheamazingfeatureslaunchedinthe
latestreleaseofWiresharkwithpracticalexamples,suchasUSBpcap,intelligentscrollbar,
newgraphs,andmuchmore.