چه کسانی این کتاب را می‌خوانند

دانشجوعلاقه‌مند یادگیری
کتابخوان حرفه‌ایلذت مطالعه
نویسندهالهام‌گیری

Practical packet analysis : using Wireshark to solve real-world network problems

Chris Sanders, Chris Sanders

قیمت نهایی

۴۴٬۰۰۰ تومان۴۹٬۰۰۰ تومان۱۰٪ تخفیف
  • تخفیف زمان‌دار−۵٬۰۰۰ تومان

۵٬۰۰۰ تومان صرفه‌جویی نسبت به قیمت اصلی

نسخه اصلی و اورجینال

بلافاصله پس از خرید، فایل کتاب روی دستگاه شما آمادهٔ دانلود است.

تحویل فوری
پرداخت امن
ضمانت فایل
پشتیبانی

مشخصات کتاب

سال انتشار
۲۰۰۷
فرمت
PDF
زبان
انگلیسی
حجم فایل
۱۰٫۵ مگابایت

دربارهٔ کتاب

It's easy enough to install Wireshark and begin capturing packets off the wire - or from the air. But how do you interpret those packets once you've captured them? And how can those packets help you to better understand what's going on under the hood of your network? Practical Packet Analysis shows how to use Wireshark to capture and then analyze packets as you take an indepth look at real-world packet analysis and network troubleshooting. The way the pros do it.Wireshark (derived from the Ethereal project), has become the world's most popular network sniffing application. But while Wireshark comes with documentation, there's not a whole lot of information to show you how to use it in real-world scenarios. Practical Packet Analysis shows you how to: * Use packet analysis to tackle common network problems, such as loss of connectivity, slow networks, malware infections, and more * Build customized capture and display filters * Tap into live network communication * Graph traffic patterns to visualize the data flowing across your network * Use advanced Wireshark features to understand confusing packets * Build statistics and reports to help you better explain technical network information to non-technical users PRACTICAL PACKET ANALYSIS 1 CONTENTS IN DETAIL 11 Acknowledgments 17 Introduction 19 Why This Book? 20 Concepts and Approach 20 How to Use This Book 22 About the Example Capture Files 22 1: Packet Analysis and Network Basics 23 What Is Packet Analysis? 24 Evaluating a Packet Sniffer 24 Supported Protocols 24 User Friendliness 24 Cost 25 Program Support 25 Operating System Support 25 How Packet Sniffers Work 25 Collection 25 Conversion 25 Analysis 25 How Computers Communicate 26 Networking Protocols 26 The Seven-Layer OSI Model 26 Protocol Interaction 28 Data Encapsulation 29 The Protocol Data Unit 30 Network Hardware 30 Traffic Classifications 34 2: Tapping into the Wire 37 Living Promiscuously 38 Sniffing Around Hubs 38 Sniffing in a Switched Environment 40 Port Mirroring 40 Hubbing Out 41 ARP Cache Poisoning 42 Using Cain & Abel 43 Sniffing in a Routed Environment 46 Network Maps 47 3: Introduction to Wireshark 49 A Brief History of Wireshark 49 The Benefits of Wireshark 50 Supported Protocols 50 User Friendliness 50 Cost 50 Program Support 50 Operating System Support 51 Installing Wireshark 51 System Requirements 51 Installing on Windows Systems 51 Installing on Linux Systems 53 Wireshark Fundamentals 53 Your First Packet Capture 53 The Main Window 55 The Preferences Dialog 56 Packet Color Coding 57 4: Working with Captured Packets 61 Finding and Marking Packets 61 Finding Packets 62 Marking Packets 62 Saving and Exporting Capture Files 63 Saving Capture Files 63 Exporting Capture Data 64 Merging Capture Files 64 Printing Packets 65 Time Display Formats and References 65 Time Display Formats 65 Packet Time Referencing 66 Capture and Display Filters 67 Capture Filters 67 Display Filters 68 The Filter Expression Dialog (the Easy Way) 69 The Filter Expression Syntax Structure (the Hard Way) 69 Saving Filters 71 5: Advanced Wireshark Features 73 Name Resolution 73 Types of Name Resolution Tools in Wireshark 74 Enabling Name Resolution 74 Potential Drawbacks to Name Resolution 74 Protocol Dissection 75 Following TCP Streams 77 The Protocol Hierarchy Statistics Window 78 Viewing Endpoints 79 Conversations 80 The IO Graphs Window 81 6: Common Protocols 83 Address Resolution Protocol 84 Dynamic Host Configuration Protocol 84 TCP/IP and HTTP 86 TCP/IP 86 Establishing the Session 86 Beginning the Flow of Data 88 HTTP Request and Transmission 88 Terminating the Session 89 Domain Name System 90 File Transfer Protocol 91 CWD Command 92 SIZE Command 92 RETR Command 93 Telnet Protocol 93 MSN Messenger Service 94 Internet Control Message Protocol 97 Final Thoughts 97 7: Basic Case Scenarios 99 A Lost TCP Connection 99 Unreachable Destinations and ICMP Codes 101 Unreachable Destination 101 Unreachable Port 102 Fragmented Packets 103 Determining Whether a Packet Is Fragmented 103 Keeping Things in Order 104 No Connectivity 105 What We Know 106 Tapping into the Wire 106 Analysis 106 Summary 108 The Ghost in Internet Explorer 108 What We Know 108 Tapping into the Wire 108 Analysis 109 Summary 110 Inbound FTP 110 What We Know 110 Tapping into the Wire 110 Analysis 110 Summary 112 It’s Not My Fault! 112 What We Know 112 Tapping into the Wire 112 Analysis 112 Summary 114 An Evil Program 114 What We Know 114 Tapping into the Wire 114 Analysis 115 Summary 119 Final Thoughts 120 8: Fighting a Slow Network 121 Anatomy of a Slow Download 122 A Slow Route 126 What We Know 126 Tapping into the Wire 126 Analysis 127 Summary 128 Double Vision 129 What We Know 129 Tapping into the Wire 129 Analysis 129 Summary 131 Did That Server Flash Me? 131 What We Know 131 Tapping into the Wire 131 Analysis 132 Summary 133 A Torrential Downfall 133 What We Know 133 Tapping into the Wire 133 Analysis 134 Summary 135 POP Goes the Email Server 136 What We Know 136 Tapping into the Wire 136 Analysis 136 Summary 137 Here’s Something Gnu 137 What We Know 138 Tapping into the Wire 138 Analysis 138 Summary 141 Final Thoughts 141 9: Security-based Analysis 143 OS Fingerprinting 143 A Simple Port Scan 144 The Flooded Printer 145 What We Know 145 Tapping into the Wire 145 Analysis 145 Summary 146 An FTP Break-In 146 What We Know 147 Tapping into the Wire 147 Analysis 147 Summary 149 Blaster Worm 149 What We Know 149 Tapping into the Wire 149 Analysis 149 Summary 150 Covert Information 151 What We Know 151 Tapping into the Wire 151 Analysis 151 Summary 152 A Hacker’s Point of View 152 What We Know 152 Tapping into the Wire 153 Analysis 153 Summary 155 10: Sniffing into Thin Air 157 Sniffing One Channel at a Time 157 Wireless Signal Interference 158 Wireless Card Modes 158 Sniffing Wirelessly in Windows 160 Configuring AirPcap 160 Capturing Traffic with AirPcap 162 Sniffing Wirelessly in Linux 163 802.11 Packet Extras 164 802.11 Flags 165 The Beacon Frame 165 Wireless-Specific Columns 166 Wireless-Specific Filters 167 Filtering Traffic for a Specific BSS Id 168 Filtering Specific Wireless Packet Types 168 Filtering Specific Data Types 168 A Bad Connection Attempt 170 What We Know 170 Tapping into the Wire Air 170 Analysis 170 Summary 172 Final Thoughts 172 11: Further Reading 173 Afterword 176 Index 177 PRACTICAL PACKET ANALYSIS......Page 1 CONTENTS IN DETAIL......Page 11 Acknowledgments......Page 17 Introduction......Page 19 Concepts and Approach......Page 20 About the Example Capture Files......Page 22 1: Packet Analysis and Network Basics......Page 23 User Friendliness......Page 24 Analysis......Page 25 The Seven-Layer OSI Model......Page 26 Protocol Interaction......Page 28 Data Encapsulation......Page 29 Network Hardware......Page 30 Traffic Classifications......Page 34 2: Tapping into the Wire......Page 37 Sniffing Around Hubs......Page 38 Port Mirroring......Page 40 Hubbing Out......Page 41 ARP Cache Poisoning......Page 42 Using Cain & Abel......Page 43 Sniffing in a Routed Environment......Page 46 Network Maps......Page 47 A Brief History of Wireshark......Page 49 Program Support......Page 50 Installing on Windows Systems......Page 51 Your First Packet Capture......Page 53 The Main Window......Page 55 The Preferences Dialog......Page 56 Packet Color Coding......Page 57 Finding and Marking Packets......Page 61 Marking Packets......Page 62 Saving Capture Files......Page 63 Merging Capture Files......Page 64 Time Display Formats......Page 65 Packet Time Referencing......Page 66 Capture Filters......Page 67 Display Filters......Page 68 The Filter Expression Syntax Structure (the Hard Way)......Page 69 Saving Filters......Page 71 Name Resolution......Page 73 Potential Drawbacks to Name Resolution......Page 74 Protocol Dissection......Page 75 Following TCP Streams......Page 77 The Protocol Hierarchy Statistics Window......Page 78 Viewing Endpoints......Page 79 Conversations......Page 80 The IO Graphs Window......Page 81 6: Common Protocols......Page 83 Dynamic Host Configuration Protocol......Page 84 Establishing the Session......Page 86 HTTP Request and Transmission......Page 88 Terminating the Session......Page 89 Domain Name System......Page 90 File Transfer Protocol......Page 91 SIZE Command......Page 92 Telnet Protocol......Page 93 MSN Messenger Service......Page 94 Final Thoughts......Page 97 A Lost TCP Connection......Page 99 Unreachable Destination......Page 101 Unreachable Port......Page 102 Determining Whether a Packet Is Fragmented......Page 103 Keeping Things in Order......Page 104 No Connectivity......Page 105 Analysis......Page 106 Tapping into the Wire......Page 108 Analysis......Page 109 Analysis......Page 110 Analysis......Page 112 Tapping into the Wire......Page 114 Analysis......Page 115 Summary......Page 119 Final Thoughts......Page 120 8: Fighting a Slow Network......Page 121 Anatomy of a Slow Download......Page 122 Tapping into the Wire......Page 126 Analysis......Page 127 Summary......Page 128 Analysis......Page 129 Tapping into the Wire......Page 131 Analysis......Page 132 Tapping into the Wire......Page 133 Analysis......Page 134 Summary......Page 135 Analysis......Page 136 Here’s Something Gnu......Page 137 Analysis......Page 138 Final Thoughts......Page 141 OS Fingerprinting......Page 143 A Simple Port Scan......Page 144 Analysis......Page 145 An FTP Break-In......Page 146 Analysis......Page 147 Analysis......Page 149 Summary......Page 150 Analysis......Page 151 What We Know......Page 152 Analysis......Page 153 Summary......Page 155 Sniffing One Channel at a Time......Page 157 Wireless Card Modes......Page 158 Configuring AirPcap......Page 160 Capturing Traffic with AirPcap......Page 162 Sniffing Wirelessly in Linux......Page 163 802.11 Packet Extras......Page 164 The Beacon Frame......Page 165 Wireless-Specific Columns......Page 166 Wireless-Specific Filters......Page 167 Filtering Specific Data Types......Page 168 Analysis......Page 170 Final Thoughts......Page 172 11: Further Reading......Page 173 Afterword......Page 176 Index......Page 177 It's easy enough to install Wireshark and begin capturing packets off the wire--or from the air. But how do you interpret those packets once you've captured them? And how can those packets help you to better understand what's going on under the hood of your network? Practical Packet Analysis shows how to use Wireshark to capture and then analyze packets as you take an indepth look at real-world packet analysis and network troubleshooting. The way the pros do it. Wireshark (derived from the Ethereal project), has become the world's most popular network sniffing application. But while Wireshark comes with documentation, there's not a whole lot of information to show you how to use it in real-world scenarios. Practical Packet Analysis shows you how Because net-centric computing requires a deep understanding of network communication at the packet level, Practical Packet Analysis is a must have for any network technician, administrator, or engineer troubleshooting network problems of any kind. Provides information on ways to use Wireshark to capture and analyze packets, covering such topics as building customized capture and display filters, graphing traffic patterns, and building statistics and reports.

قیمت نهایی

۴۴٬۰۰۰ تومان