Packt+ | Advance your knowledge in tech

You're reading from Network Analysis using Wireshark 2 Cookbook Practical recipes to analyze and secure your network using Wireshark 2

Product type Paperback

Published in Mar 2018

Publisher

ISBN-13 9781786461674

Length 626 pages

Edition 2nd Edition

Tools

Wireshark

Concepts

Network Security

Authors (3):

Nagendra Kumar Nainar

Yoram Orzach

Yogesh Ramdoss

View More author details

Table of Contents (25) Chapters

Title Page

Dedication

Packt Upsell

Contributors

Preface

1. Introduction to Wireshark Version 2 FREE CHAPTER

2. Mastering Wireshark for Network Troubleshooting

3. Using Capture Filters

4. Using Display Filters

5. Using Basic Statistics Tools

6. Using Advanced Statistics Tools

7. Using the Expert System

8. Ethernet and LAN Switching

9. Wireless LAN

10. Network Layer Protocols and Operations

11. Transport Layer Protocol Analysis

12. FTP, HTTP/1, and HTTP/2

13. DNS Protocol Analysis

14. Analyzing Mail Protocols

15. NetBIOS and SMB Protocol Analysis

16. Analyzing Enterprise Applications' Behavior

17. Troubleshooting SIP, Multimedia, and IP Telephony

18. Troubleshooting Bandwidth and Delay Issues

19. Security and Network Forensics

Index

Locating smart TCP attacks

Another type of attack is when you send unknown TCP packets, hoping that the device under attack will not know what to do with them and hopefully pass them through. These types of attacks are well known, and blocked by most of the modern firewalls that are implemented in networks today; but still, I will inform you about them in brief.

Getting ready

What I usually do when I get to a new network is to connect my laptop to the network and see what is running over it. First, I just connect it to several switches and see the broadcasts. Then I configure a port-mirror to critical servers and communication lines and look what is running over it.

To look for unusual traffic, port-mirror the communication links and central servers, and check for unusual traffic patterns.