Search icon Close icon
Search icon CANCEL
Subscription
0
Cart icon
Your Cart (0 item)
Close icon
You have no products in your basket yet
Save more on your purchases! discount-offer-chevron-icon
Savings automatically calculated. No voucher code required.
Checkout

Change country

Modal Close icon
Country selected Country selected
country flag United States
Country selected
country flag Great Britain
Country selected
country flag India
Country selected
country flag Germany
Country selected
country flag France
Country selected
country flag Canada
Country selected
country flag Russia
Country selected
country flag Spain
Country selected
country flag Brazil
Country selected
country flag Australia
Country selected
country flag South Africa
Country selected
country flag Thailand
Country selected
country flag Ukraine
Country selected
country flag Switzerland
Country selected
country flag Slovakia
Country selected
country flag Luxembourg
Country selected
country flag Hungary
Country selected
country flag Romania
Country selected
country flag Denmark
Country selected
country flag Ireland
Country selected
country flag Estonia
Country selected
country flag Belgium
Country selected
country flag Italy
Country selected
country flag Finland
Country selected
country flag Cyprus
Country selected
country flag Lithuania
Country selected
country flag Latvia
Country selected
country flag Malta
Country selected
country flag Netherlands
Country selected
country flag Portugal
Country selected
country flag Slovenia
Country selected
country flag Sweden
Country selected
country flag Argentina
Country selected
country flag Colombia
Country selected
country flag Ecuador
Country selected
country flag Indonesia
Country selected
country flag Mexico
Country selected
country flag New Zealand
Country selected
country flag Norway
Country selected
country flag South Korea
Country selected
country flag Taiwan
Country selected
country flag Turkey
Country selected
country flag Czechia
Country selected
country flag Austria
Country selected
country flag Greece
Country selected
country flag Isle of Man
Country selected
country flag Bulgaria
Country selected
country flag Japan
Country selected
country flag Philippines
Country selected
country flag Poland
Country selected
country flag Singapore
Country selected
country flag Egypt
Country selected
country flag Chile
Country selected
country flag Malaysia
Country selected
Arrow left icon
All Products
Best Sellers
New Releases
Books
Videos
Audiobooks
Learning Hub
Newsletter Hub
Free Learning
Arrow right icon
timer SALE ENDS IN
0 Days
:
00 Hours
:
00 Minutes
:
00 Seconds
Arrow up icon
GO TO TOP
Network Analysis using Wireshark Cookbook

You're reading from   Network Analysis using Wireshark Cookbook This book will be a massive ally in troubleshooting your network using Wireshark, the world's most popular analyzer. Over 100 practical recipes provide a focus on real-life situations, helping you resolve your own individual issues.

Arrow left icon
Product type Paperback
Published in Dec 2013
Publisher Packt
ISBN-13 9781849517645
Length 452 pages
Edition 1st Edition
Tools
Concepts
Arrow right icon
Author (1):
Arrow left icon
Orzach Orzach
Author Profile Icon Orzach
Orzach
LinkedIn
Yoram Orzach is a senior networks and networks security advisor, providing network design and network security consulting services to a range of clients. Having spent thirty years in network and information security, Yoram has worked as a network and security engineer across many verticals in roles ranging from a network engineer, security consultant, and instructor. Yoram has gained his B.Sc. from the Technion in Haifa, Israel. Yoram's experience is both with corporate networks; service providers and Internet service providers' networks. His customers are Motorola solutions, Elbit Systems, 888, Taboola, Bezeq, PHI Networks, Cellcom, Strauss group, and many other hi-tech companies.
Read more
See other products by Orzach
Arrow right icon
View More author details
Toc

Table of Contents (23) Chapters Close

Network Analysis Using Wireshark Cookbook
Credits
About the Author
Acknowledgments
About the Reviewers
www.PacktPub.com
Preface
1. Introducing Wireshark 2. Using Capture Filters FREE CHAPTER 3. Using Display Filters 4. Using Basic Statistics Tools 5. Using Advanced Statistics Tools 6. Using the Expert Infos Window 7. Ethernet, LAN Switching, and Wireless LAN 8. ARP and IP Analysis 9. UDP/TCP Analysis 10. HTTP and DNS 11. Analyzing Enterprise Applications' Behavior 12. SIP, Multimedia, and IP Telephony 13. Troubleshooting Bandwidth and Delay Problems 14. Understanding Network Security Links, Tools, and Reading Index

Index

A

  • access_denied / How to do it...
  • ACK / How it works…, Regular operation of the TCP Sequence/Acknowledge mechanism
  • acknowledgement number field / How it works...
  • ACK scanning / How to do it...
  • Active mode (ACTV) / Analyzing FTP problems
  • Address Resolution Protocol (ARP) filter / Configuring Ethernet, ARP, host, and network filters
  • Allow sub-dissector option / There's more...
  • application-layer attacks
    • about / How it works...
  • application attacks
    • discovering / Discovering brute-force and application attacks, How to do it..., There's more...
  • ARP
    • configuring / Configuring Ethernet, ARP, host, and network filters, Getting ready
    • connectivity problems, analyzing with / Analyzing connectivity problems with ARP, How to do it..., Gratuitous ARP, Requests or replies, and who is the sender, How it works..., There's more...
    • poisoning / ARP poisoning and Man-in-the-Middle attacks
    • amount / How many ARPs
  • arp.opcode == <value> / Getting ready
  • arp.src.hw_mac == <MAC Address> / Getting ready
  • ARP filters / ARP filters
  • ARP replies / Requests or replies, and who is the sender
  • ARP requests / Requests or replies, and who is the sender
  • ARP sweep / ARP sweeps
  • Automatic Private IP Addressing (APIPA) addresses / General tests
  • Autonomous System (AS) / Getting ready
  • AVG (*) / Getting ready

B

  • % Bytes field / How to do it...
  • 32-bit source and destination IP addresses / How it works...
  • bad_certificate / How to do it...
  • bad_record_mac / How to do it...
  • bandwidth
    • about / How it works...
    • measuring, per user over network connection / Measuring bandwidth and throughput per user and per application over a network connection, How to do it..., See also
    • measuring, per application over network connection / Measuring bandwidth and throughput per user and per application over a network connection, How to do it..., See also
  • Berkeley Packet Filter (BPF) / How it works...
  • Bladeserver
    • about / Finding out what is running over your network
  • Bladesystem / Finding out what is running over your network
  • Border Gateway Protocol version 4 (BGPv4) / Getting ready
  • Bridge Protocol Data Units (BPDUs) / Which STP version is running on the network?
  • broadcast / Getting ready
  • broadcast domains
    • about / Getting ready
  • Broadcast MAC address / How to do it...
  • broadcast storm
    • about / Discovering broadcast and error storms
    • discovering / How to do it...
    • working / How it works...
  • brute-force attacks
    • discovering / Discovering brute-force and application attacks, How to do it..., How it works..., There's more...
  • byte offset
    • configuring / Configuring byte offset and payload matching filters, How to do it..., How it works…, There's more...
  • bytes field / How to do it...

C

  • !, C-like Syntax / Getting ready
  • !=, C-like Syntax / Getting ready
  • &&, C-like Syntax / Getting ready
  • <, C-like Syntax / Getting ready
  • <=, C-like Syntax / Getting ready
  • ==, C-like Syntax / Getting ready
  • >, C-like Syntax / Getting ready
  • >=, C-like Syntax / Getting ready
  • C-like Syntax / Getting ready
  • C-Tag (802.1Q) / There's more…
  • calculating conversations timestamps / How it works...
  • capture
    • data capturing, starting / Starting the capture of data, How to do it...
    • interface, selecting / How to choose the interface to start the capture
    • interface, configuring / How to configure the interface you capture data from
    • configuration, changing / Changing the capture configuration
  • capture filters
    • about / Introduction
    • configuring / Configuring capture filters, How to do it..., How it works..., There's more...
  • C Arrays to Packet Bytes (*.c) / Saving data in various formats
  • Cascade Pilot package
    • URL / There's more...
  • Castlerock Computing SNMPc
    • URL / SNMP platforms
  • CA Unicenter
    • URL / SNMP platforms
  • certificate_expired / How to do it...
  • certificate_revoked / How to do it...
  • certificate_unknown / How to do it...
  • chats tab / How to do it...
  • Checkpoint
    • URL / See also
  • checksum errors / How to do it...
  • checksum field / How it works...
  • Cisco
    • URL / The NetFlow, JFlow, and SFlow analyzers
  • Cisco Netflow
    • URL / See also
  • Cisco press
    • URL / Books
  • Citrix communications
    • issues, analyzing / Analyzing MS-TS and Citrix communications problems , How to do it..., There's more…
  • Citrix Metaframe Independent Computing Architecture (ICA) / Analyzing MS-TS and Citrix communications problems
  • client codes / Client errors
  • client error codes / 4xx codes – client error
  • close_modify / How to do it...
  • coloring rules
    • about / Configuring coloring rules and navigation techniques, Getting ready, How to do it..., See also
  • Command Line Interface (CLI) / How to do it...
  • Comma Separated Values / Saving data in various formats
  • communication link
    • total bandwidth, measuring on / Measuring total bandwidth on a communication link, Getting ready, How to do it..., How it works..., There's more...
  • Compass (for Windows)
    • URL / There's more...
  • Compile BPF button / How it works...
  • complex filters / Complex filters
  • compound filters
    • configuring / Configuring compound filters, There's more...
  • CONNECT / HTTP methods
  • connectivity problems
    • analyzing, with ARP / Analyzing connectivity problems with ARP, How to do it..., Gratuitous ARP, Requests or replies, and who is the sender, How it works..., There's more...
  • Content Delivery Network (CDN) / There's more...
  • Contributing source identifiers list (CSRC) / RTP principles of operation
  • Conversations tool
    • using, from statistics menu / Using the Conversations tool from the Statistics menu, How to do it..., How it works...
  • Conversations window / A device that generates Broadcasts
  • COUNT FIELDS (*) / Getting ready
  • COUNT FRAMES (*) / Getting ready
  • Create Stat button / How to do it...
  • CSRC count (CC) / RTP principles of operation
  • ||, C-like Syntax / Getting ready

D

  • data
    • capturing, starting / Starting the capture of data
    • whole file, saving / How to do it...
    • part of file, saving / How to do it...
    • saving, in different formats / Saving data in various formats
    • printing / How to print data
  • Database Administrator (DBA) / How to do it...
  • database traffic
    • issues, analyzing / Analyzing database traffic and common problems, How to do it..., How it works...
  • Datagram distribution service (port 138) / Analyzing problems in the NetBIOS protocols
  • Date and Time of Day / How to do it...
  • DDoS
    • about / How it works...
    • attacks, discovering / Discovering DoS and DDoS attacks, How to do it..., How it works...
  • decode_error / How to do it...
  • decompression_failure / How to do it...
  • decryption_failed / How to do it...
  • decrypt_error / How to do it...
  • Deep Packet Inspection (DPI) / How it works...
  • delay
    • monitoring, Wireshark used / Monitoring jitter and delay using Wireshark, How to do it..., How it works..., There's more...
    • about / How it works...
    • problems, discovering / Discovering delay/jitter-related application problems, How to do it..., How it works...
  • DELETE / HTTP methods
  • details tab / How to do it...
  • DHCP
    • about / Analyzing DHCP problems
  • DHCP Ack / How it works...
  • DHCP Discover / How it works...
  • DHCP Offer / How it works...
  • DHCP problems
    • analyzing / Analyzing DHCP problems, How to do it..., How it works..., There's more...
  • DHCP Request / How it works...
  • Differentiated Services (DiffServ) / Configuring of IPv4 and IPv6 Preferences, How it works...
  • Dir (direction) qualifiers / How it works...
  • displayed data
    • saving / Saving the displayed data
  • display filters
    • about / Introduction, Introduction
    • configuring / Configuring display filters, Getting ready, How to do it..., Choosing from the filters menu
    • syntax, writing / Writing the syntax directly into the display filter window
    • parameter, selecting in packet pane / Choosing a parameter in the packet pane and defining it as a filter
  • display filter toolbar
    • about / Display Filter Toolbar
  • Display window / How to do it...
  • DNS
    • about / Introduction
    • traffic, filtering / Filtering DNS traffic, How to do it..., There's more...
    • operations, analyzing / Analyzing regular DNS operations, How it works...
    • operations / DNS operation
    • namespace / DNS namespace
    • servers, using / The resolving process
    • issues, analyzing / Analysing DNS problems, DNS cannot resolve a name, How it works..., There's more...
    • slow responses / DNS slow responses
  • DNS Benchmark
    • from GRC, URL / The resolving process
  • DNS display filters / DNS display filters
  • DoS
    • about / How it works...
    • attacks, discovering / Discovering DoS and DDoS attacks, How to do it..., How it works...
  • dst host <host> filter / Getting ready
  • dst net <net>/<len> filter / Getting ready
  • dst net <net> filter / Getting ready
  • dst net <net> mask <netmask> filter / Getting ready
  • dst port <port> filter / Getting ready
  • duplicate ACKs
    • about / Duplicate ACKs and fast retransmissions, How to do it..., How it works..., There's more...
  • duplicate IPs
    • finding / Finding duplicate IPs, How it works..., There's more...

E

  • e-mail traffic
    • issues, analyzing / Analyzing e-mail traffic and troubleshooting e-mail problems – POP, IMAP, and SMTP, POP3 communications, SMTP communications, How it works..., POP3, SMTP and SMTP error codes (RFC3463), There's more...
  • End Bytes field / How to do it...
  • End Mbit/s field / How to do it...
  • End Packets field / How to do it...
  • Endpoints tool
    • using, from statistics menu / Using the Endpoints tool from the Statistics menu, How to do it..., There's more...
  • Enhancement area
    • URL / Useful Wireshark links
  • Enterprise Resource Planning (ERP) / There's more…
  • Eric Lawrence and Telerik
    • URL / HTTP debuggers
  • error codes filters / How to do it...
  • error events
    • about / Error events and understanding them, How it works...
  • error storms
    • about / Discovering broadcast and error storms
    • discovering / How to do it...
  • eth.addr == <MAC Address> / Getting ready
  • eth.dst == <MAC Address> / Getting ready
  • eth.src == <MAC Address> / Getting ready
  • eth.type == <Protocol Type (Hexa)> / Getting ready
  • ETHER-TYPE codes
    • URL / See also
  • Etherape (for Linux)
    • URL / There's more...
  • ether broadcast filter / Getting ready
  • ether dst <Ethernet host> filter / Getting ready
  • ether host <Ethernet host> filter / Getting ready
  • ether multicast filter / Getting ready
  • Ethernet
    • configuring / Configuring Ethernet, ARP, host, and network filters
    / How to do it...
  • Ethernet (MAC) address / How to do it...
  • Ethernet broadcasts / Ethernet broadcasts
  • Ethernet conversations statistics
    • about / Ethernet conversations statistics
  • Ethernet filters
    • configuring / Configuring Ethernet filters, How to do it..., How it works…
    / Ethernet filters
  • ether proto <protocol> filter / Getting ready
  • ether src <Ethernet host> filter / Getting ready
  • expert.group
    • categories / There's more...
  • expert.message / There's more...
  • expert.severity / There's more...
  • Expert Infos window
    • about / Introduction, The Expert Infos window and how to use it for network troubleshooting, How to do it...
    • starting / How to do it...
    • errors / How to do it...
    • warnings / How to do it...
    • notes / How to do it...
    • chats / How to do it...
    • details / How to do it...
    • packet comments / How to do it...
    • expert.message / There's more...
    • expert.severity / There's more...
  • export_restriction / How to do it...
  • Extension bit (X) / RTP principles of operation
  • Exterior Gateway Protocols (EGPs) / Getting ready

F

  • Fiddler
    • URL / There's more...
    / There's more...
  • field appearances
    • monitoring / How to monitor a number of field appearances
  • field name pane / Choosing from the filters menu
  • filtering
    • about / Locating Wireshark
  • filters
    • capture filters / Configuring capture filters
    • Ethernet filters / Configuring Ethernet filters
    • network filters / Configuring host and network filters
    • hosts filters / Configuring host and network filters
    • UDP port filter / Configuring TCP/UDP and port filters, How to do it..., How it works…, See also
    • TCP port filter / Configuring TCP/UDP and port filters, How to do it..., How it works…, See also
    • byte offset filter / Configuring byte offset and payload matching filters, How to do it..., How it works…, There's more...
    • payload matching filter / Configuring byte offset and payload matching filters, How to do it..., How it works…, There's more...
    • IO Graphs, configuring with / Configuring IO Graphs with filters for measuring network performance issues, How to do it..., Y-Axis configuration, How it works..., There's more...
    • configuring / Filter configuration
  • filters menu
    • selecting from / Choosing from the filters menu
    • field name pane / Choosing from the filters menu
    • relation pane / Choosing from the filters menu
    • value pane / Choosing from the filters menu
    • predefined values pane / Choosing from the filters menu
    • range (offset$ length) pane / Choosing from the filters menu
  • FIN / How it works…
  • FIN-ACK scanning / How to do it...
  • firewall
    • monitoring / Monitoring a firewall
  • firewalls / There's more...
  • fixed pattern broadcasts / Fixed pattern broadcasts
  • flags field / How it works...
  • flgs / How it works...
  • Flow Control mechanism
    • about / TCP Zero Window, Window Full, Window Change, and other Window indicators
  • Flow Graph
    • configuring, to view TCP flows / Configuring Flow Graph for viewing TCP flows, There's more...
  • Flow Graph window / How to do it...
  • Follow TCP Stream
    • about / HTTP flow analysis and the Follow TCP Stream window, How to do it..., How it works...
  • fragmentation
    • issues / Finding fragmentation problems, How to do it..., How it works..., There's more...
  • Fragment offset / How it works...
  • frame.time_delta / Getting ready
  • frame.time_delta_displayed / Getting ready
  • FTP
    • issues, analyzing / Analyzing FTP problems, How to do it..., How it works..., There's more...
    • Active mode (ACTV) / Analyzing FTP problems
    • Passive mode (PASV) / Analyzing FTP problems
  • FTP display filters / FTP display filters
  • Full Duplex (FDX) / How it works...

G

  • gateway <Host name or address> filter / Getting ready
  • generated broadcast storm
    • characteristics / A device that generates Broadcasts
  • GeoIP
    • about / Configuring of IPv4 and IPv6 Preferences
    • URL / There's more..., Getting ready
    • using, to lookup physical locations / Using GeoIP to look up physical locations of the IP address, How to do it..., How it works..., There's more...
  • GET / HTTP methods
  • global failure code / 6xx codes – global failure
  • Google web page
    • accesses, gaphing / Graphing number of accesses to the Google web page
  • Graphical Ping tools
    • URL / There's more...
  • gratuitous ARP / Gratuitous ARP
  • gtk
    • URL / Useful Wireshark links

H

  • H.225 / How it works...
  • H.323 / How it works...
  • Half-Duplex (HDX) / How it works...
  • handshake_failure / How to do it...
  • HEAD / HTTP methods
  • Header length (HL) / How it works...
  • header length field / How it works...
  • host
    • configuring / Configuring Ethernet, ARP, host, and network filters
  • host <host> filter / Getting ready
  • hosts
    • configuring / Configuring host and network filters, Getting ready, How to do it..., There's more...
  • HP IMC
    • URL / SNMP platforms
  • HP OpenView
    • URL / SNMP platforms
  • HTTP
    • about / Introduction
    • issues, analyzing / Analyzing HTTP problems, How to do it...
    • informational codes / Informational codes
    • success codes / Success codes
    • redirect codes / Redirect codes
    • client codes / Client errors
    • server errors / Server errors
  • HTTP debuggers / HTTP debuggers
  • HTTP display filters / HTTP display filters
  • HTTP filters
    • name based filters / How to do it...
    • request methods filters / How to do it...
    • error codes filters / How to do it...
    • HTTP methods / HTTP methods
    • status codes / Status codes
  • HTTP headers fields
    • custom / Custom HTTP headers fields, How it works...
  • HTTP methods
    • about / HTTP methods
    • OPTIONS / HTTP methods
    • GET / HTTP methods
    • HEAD / HTTP methods
    • POST / HTTP methods
    • DELETE / HTTP methods
    • PUT / HTTP methods
    • TRACE / HTTP methods
    • CONNECT / HTTP methods
  • HTTP objects
    • about / Exporting HTTP objects
    • exporting / How to do it..., How it works...
  • HTTP preferences
    • configuring / Configuring HTTP preferences
  • HTTPS
    • about / Introduction
  • HTTPS sessions
    • monitoring / How to do it..., How it works...
  • HTTP tool
    • using, from statistics menu / Using the HTTP tool from the Statistics menu, How to do it...
  • HTTP traffic
    • filtering / Filtering HTTP traffic, How to do it...
  • hubs / Monitoring a router

I

  • ICMP / Discovering ICMP and TCP SYN/Port scans
  • ICMP filters / IP and ICMP filters
  • icmp[icmptype]==<identifier> filter / Getting ready
  • IDS/IPS / There's more...
    • URL / See also
  • IETF / How it works...
  • illegal_parameter / How to do it...
  • IMAP4
    • about / Analyzing e-mail traffic and troubleshooting e-mail problems – POP, IMAP, and SMTP
  • information
    • retrieving, through TCP stream graphs (Time-Sequence (Stevens) window) / Getting information through TCP stream graphs – the Time-Sequence (Stevens) window, How to do it..., How it works...
    • retrieving, through TCP stream graphs (Time-Sequence (tcp-trace) window) / Getting information through TCP stream graphs – the Time-Sequence (tcp-trace) window, How to do it..., How it works...
    • retrieving, through TCP stream graphs (Throughput Graph window) / Getting information through TCP stream graphs – the Throughput Graph window, There's more...
    • retrieving, through TCP stream graphs (Round Trip Time window) / Getting information through TCP stream graphs – the Round Trip Time window, How to do it..., There's more...
    • retrieving, through TCP stream graphs (Window Scaling Graph window) / Getting information through TCP stream graphs – the Window Scaling Graph window, How to do it...
  • informational codes / Informational codes
  • information security
    • about / Introduction
  • inSSIDer / How to do it…
  • insufficient_security / How to do it...
  • inter-frame time delta statistics
    • monitoring / How to monitor inter-frame time delta statistics
  • internal_error / How to do it...
  • Internet Assigned Numbers Authority (IANA) / How it works...
  • Internet Group Management Protocol (IGMP) / How it works...
  • Internet Protocol Version 4 / How to do it...
  • Internet Service Provider (ISP) / Getting ready
  • Intrusion Detection Systems (IDS) / How it works...
  • Intrusion Detection Systems / Intrusion Prevention Systems (IDSs/IPSs) / Getting ready
  • INVITE method / How to do it...
  • IO Graphs
    • tool / Introduction
    • configuring, with filters / Configuring IO Graphs with filters for measuring network performance issues, How to do it...
    • throughput measurements / Throughput measurements with IO Graph, Getting ready
    • throughput measurements, between end devices / Measuring throughput between end devices
    • application throughput, measuring / Measuring application throughput
    • configurations, with advanced Y Axis parameters / Advanced IO Graph configurations with advanced Y-Axis parameters, How to do it...
    • inter-frame time delta statistics, monitoring / How to monitor inter-frame time delta statistics
  • IP-based statistics
    • creating / Creating IP-based statistics, How to do it...
  • ip.addr == <IP Address> / Getting ready
  • ip.dst == <IP Address> / Getting ready
  • ip.len < <value> / Getting ready
  • ip.len = <value>, ip.len > <value> / Getting ready
  • ip.src == <IP Address> / Getting ready
  • ip.ttl == <value>, ip.ttl < value> / Getting ready
  • ip.ttl > <value> / Getting ready
  • ip.version == <4/6> / Getting ready
  • ip6 proto <protocol> filter / Getting ready
  • IP conversations statistics
    • about / IP conversations statistics
  • IP destination statistics
    • retrieving / How to do it...
  • Iperf
    • URL / How to do it...
  • IP filters / IP and ICMP filters
  • IPFIX
    • URL / The NetFlow, JFlow, and SFlow analyzers
  • IP geographical location databases
    • URL / How it works...
  • ip or IP6 filter / Getting ready
  • IP packet
    • factors / How it works...
    • ver / How it works...
    • Header length (HL) / How it works...
    • Type of Service (ToS) / How it works...
    • Differentiated Services (DiffServ) / How it works...
    • length field / How it works...
    • 16-bit identifier / How it works...
    • Fragment offset / How it works...
    • flgs / How it works...
    • Time to live (TTL) / How it works...
    • upper layer / How it works...
    • checksum field / How it works...
    • 32-bit source and destination IP addresses / How it works...
    • options field / How it works...
  • ip proto <protocol code> filter / Getting ready
  • IP statistics tools / IP statistics tools
  • IP traffic
    • analysis tools / Using IP traffic analysis tools
    • IP statistics tools / IP statistics tools
    • working / How it works...
  • IPTV applications
    • scenarios, troubleshooting / Troubleshooting scenarios for IPTV applications, How to do it...
  • IPv4 host address / How to do it...
  • IPv4 multicasts / IPv4 multicasts
  • IPv4 network address / How to do it...
  • IPv4 preferences
    • configuring / Configuring of IPv4 and IPv6 Preferences
  • IPv6 host address / How to do it...
  • IPv6 multicasts / IPv6 multicasts
  • IPv6 network address / How to do it...
  • IPv6 preferences
    • configuring / Configuring of IPv4 and IPv6 Preferences
  • iterative mode
    • about / There's more...
  • ITU-T / How it works...

J

  • JFlow
    • URL / The NetFlow, JFlow, and SFlow analyzers
    / The NetFlow, JFlow, and SFlow analyzers
  • jitter
    • monitoring, Wireshark used / Monitoring jitter and delay using Wireshark, How to do it..., How it works..., There's more...
    • problems, discovering / Discovering delay/jitter-related application problems, How to do it..., How it works...
  • Juniper
    • URL / The NetFlow, JFlow, and SFlow analyzers
  • Juniper Jflow
    • URL / See also

L

  • LAN switch
    • about / How it works...
  • LAN switch vendors / Locating Wireshark
  • Layer 4 filters / Getting ready
  • length field / How it works...
  • Libpcap
    • URL / See also
  • live capture
    • auto scrolling / Auto scrolling in live capture
  • LOAD (*) / Getting ready
  • Load Distribution
    • viewing, on Web / How to do it...
    • viewing, on specific website / How to do it...
  • lookup physical locations
    • GeoIP, using / Using GeoIP to look up physical locations of the IP address, How to do it..., How it works..., There's more...

M

  • $, modifier / How it works...
  • (), modifier / How it works...
  • *, modifier / How it works...
  • +, modifier / How it works...
  • ?, modifier / How it works...
  • MAC-based attacks
    • discovering / Discovering MAC- and ARP-based attacks, How to do it..., There's more...
  • macros
    • configuring / Configuring macros, How to do it...
  • Mail Filters / There's more...
    • URL / See also
  • main toolbar
    • about / Main Toolbar
  • main window
    • configuring / Configuring the main window
  • malformed packets / How to do it...
  • Man-in-the-Middle attacks / ARP poisoning and Man-in-the-Middle attacks
  • Man-in-the-middle attacks / How it works...
  • Manageengine
    • URL / SNMP platforms
  • Marker (M) / RTP principles of operation
  • MAX (*) / Getting ready
  • Maximum Segment Size (MSS) / How it works..., How it works...
  • Mbit/s field / How to do it...
  • methods
    • about / Getting ready
  • MIN (*) / Getting ready
  • Mini Protocol Analyzer
    • URL / Network analysers
  • modifiers
    • ^ / How it works...
    • $ / How it works...
    • | / How it works...
    • () / How it works...
    • * / How it works...
    • + / How it works...
    • ? / How it works...
    • {n} / How it works...
    • {n,} / How it works...
    • {n,m} / How it works...
  • MRTG
    • URL / SNMP platforms
  • MS-TS
    • issues, analyzing / Analyzing MS-TS and Citrix communications problems , How to do it..., There's more…
  • multicast / Getting ready
  • multimedia applications
    • about / Introduction
  • Multiple Input Multiple Output (MIMO) / How it works…
  • Multiple Spanning Tree (MST) / Analyzing Spanning Tree Protocols
  • Multi Protocol Label Switching (MPLS)
    • about / Finding out what is running over your network
  • |, modifier / How it works...

N

  • Nagious
    • URL / SNMP platforms
  • Namebench
    • URL / The resolving process
  • name resolution
    • about / Name Resolution
    • changing / Configuring the name resolution
  • Name service (port 137) / Analyzing problems in the NetBIOS protocols
  • net <net>/<len> filter / Getting ready
  • net <net> filter / Getting ready
  • net <net> mask <netmask> filter / Getting ready
  • NetBIOS Datagram Distribution Service (NBDS) / How it works...
  • Net BIOS Name Service (NBNS) / How it works...
  • NetBIOS Name Service (NBNS) / How it works...
  • NetBIOS protocols
    • issues, analyzing / Analyzing problems in the NetBIOS protocols, How to do it..., General tests, Specific issues, How it works...
    • services / Analyzing problems in the NetBIOS protocols
    • Name service (port 137) / Analyzing problems in the NetBIOS protocols
    • Datagram distribution service (port 138) / Analyzing problems in the NetBIOS protocols
    • Session service (port 139) / Analyzing problems in the NetBIOS protocols
    • general tests / General tests
    • specific issues / Specific issues, How it works...
    • application, freezing / Example 1 – application freezing
    • broadcast storm / Example 2 – broadcast storm caused by SMB
  • NetBIOS Server Message Block (SMB) / How it works...
  • NetBIOS Session Service (NBSS) / How it works...
  • Netcat (nc)
    • for Linux, URL / Other stuff
  • NetFlow / The NetFlow, JFlow, and SFlow analyzers
  • network
    • issues, analyzing / Finding out what is running over your network, How to do it...
  • Network Access Control (NAC) / There's more...
    • URL / See also
  • network connection
    • bandwidth, measuring over / Measuring bandwidth and throughput per user and per application over a network connection, How to do it..., See also
    • throughput, measuring over / Measuring bandwidth and throughput per user and per application over a network connection, How to do it..., See also
  • network filters
    • configuring / Configuring host and network filters, Getting ready, How to do it..., There's more...
  • Network Interface Card (NIC) / Getting ready
  • NetworkMiner
    • URL / There's more...
  • Network Time Protocol (NTP) / There's more..., How it works...
  • Nmap.org web page
    • URL / See also
  • Nmap security scanner
    • URL / Other stuff
  • notes events
    • about / Notes events and understanding them, How to do it..., How it works...
  • notes tab / How to do it...
  • no_renegotiation / How to do it...
  • {n,m}, modifier / How it works...
  • {n,}, modifier / How it works...
  • {n}, modifier / How it works...

O

  • offset filter
    • structure / How it works…
  • OpenNMS
    • URL / SNMP platforms
  • open source Cacti
    • URL / SNMP platforms
  • OPTIONS / HTTP methods
  • options field / How it works...
  • out-of-order packet
    • about / Getting ready
  • out-of-order segments
    • about / TCP out-of-order packet events
  • Outlook Web Access (OWA)
    • about / Analyzing e-mail traffic and troubleshooting e-mail problems – POP, IMAP, and SMTP

P

  • % Packets field / How to do it...
  • packet comments tab / How to do it...
  • Packet Counter statistics / How to do it...
  • packet list
    • colorizing / Colorizing the packet list
  • packets field / How to do it...
  • Padding (P) / RTP principles of operation
  • parameter column
    • adding / Adding a parameter column
  • parameter we filter / What is the parameter we filter?
  • Passive mode (PASV) / Analyzing FTP problems
  • payload matching filters
    • configuring / Configuring byte offset and payload matching filters, How to do it..., How it works…, There's more...
  • Payload type / RTP principles of operation
  • Pcap drivers
    • URL / See also
  • PDML (*.pdml) / Saving data in various formats
  • Plain text (*.txt) / Saving data in various formats
  • Plixer
    • URL / SNMP platforms
  • POP3
    • about / Analyzing e-mail traffic and troubleshooting e-mail problems – POP, IMAP, and SMTP, POP3 communications, POP3
  • port-range matching filters
    • tcp portrange <p1>-<p2> or udp portrange <p1>-<p2> / Getting ready
    • tcp src portrange <p1>-<p2> or udp src portrange <p1>-<p2> / Getting ready
    • tcp dst portrange <p1>-<p2> or udp src portrange <p1>-<p2> / Getting ready
  • port <port> filter / Getting ready
  • port mirror / See also
  • port monitor / See also
  • port states
    • disabled / Port states
    • blocking / Port states
    • listening / Port states
    • learning / Port states
    • forwarding / Port states
  • POST / HTTP methods
  • PostScript (*.ps) / Saving data in various formats
  • predefined values pane / Choosing from the filters menu
  • preferences menu
    • user interface, configuring / Configuring the user interface in the Preferences menu, How to do it...
    • columns, adding / Changing and adding columns
    • columns, changing / Changing and adding columns
    • capture configuration, changing / Changing the capture configuration
    • name resolution, configuring / Configuring the name resolution, How it works...
  • previous segment loss
    • about / TCP out-of-order packet events
  • previous segment lost
    • about / Getting ready
  • previous segment not captured
    • about / Getting ready
  • Proto (protocol) qualifiers / How it works...
  • protocol field / How to do it...
  • protocol filters
    • configuring / Configuring specific protocol filters, How to do it...
    • HTTP display filters / HTTP display filters
    • DNS display filters / DNS display filters
    • FTP display filters / FTP display filters
  • Protocol Hierarchy tool
    • using, from statistics menu / Using the Protocol Hierarchy tool from the Statistics menu, How to do it..., There's more...
  • Protocol Hierarchy window
    • protocol field / How to do it...
    • % Packets field / How to do it...
    • packets field / How to do it...
    • % Bytes field / How to do it...
    • bytes field / How to do it...
    • Mbit/s field / How to do it...
    • End Packets field / How to do it...
    • End Bytes field / How to do it...
    • End Mbit/s field / How to do it...
  • protocol preferences
    • configuring / Configuring protocol preferences, Getting ready
    • IPv6 preferences, configuring / Configuring of IPv4 and IPv6 Preferences
    • IPv4 preferences, configuring / Configuring of IPv4 and IPv6 Preferences
    • UDP, configuring / Configuring TCP and UDP
    • TCP, configuring / Configuring TCP and UDP
  • protocol_version / How to do it...
  • provisional/informational codes / 1xx codes – provisional/informational
  • proxy server / How it works...
  • PSH / How it works…
  • PSML / Saving data in various formats
  • PSML (*.psml) / Saving data in various formats
  • PSTN
    • about / How it works...
  • PUT / HTTP methods

R

  • range (offset$ length) pane / Choosing from the filters menu
  • Rapid Spanning Tree Protocol (RSTP) / Analyzing Spanning Tree Protocols
  • Rcvr window size field / How it works...
  • Received Signal Strength Indicator (RSSI) / How to do it…
  • record_overflow / How to do it...
  • recursive mode
    • about / There's more...
  • redirect codes / Redirect codes
  • redirection codes / 3xx codes – redirection
  • redirect server / How it works...
  • registrar server / How it works...
  • relation pane / Choosing from the filters menu
  • relative sequence numbers / How it works...
  • Remote Desktop Protocol (RDP) / Analyzing MS-TS and Citrix communications problems
  • request methods filters / How to do it...
  • res field / How it works...
  • retransmission
    • about / TCP retransmission – where do they come from and why, How to do it..., What are TCP retransmissions and what do they cause
    • to multiple destinations / Case 1 – retransmissions to many destinations
    • on single connection / Case 2 – retransmissions on a single connection
    • patterns / Case 3 – retransmission patterns
    • due to non-responsive application / Case 4 – retransmission due to a non-responsive application
    • due to delayed variations / Case 5 – retransmission due to delayed variations
  • Retransmission Time Out (RTO) / How to do it..., How it works...
  • RFC 2246, errors
    • close_modify / How to do it...
    • unexpected_message / How to do it...
    • bad_record_mac / How to do it...
    • decryption_failed / How to do it...
    • record_overflow / How to do it...
    • decompression_failure / How to do it...
    • handshake_failure / How to do it...
    • bad_certificate / How to do it...
    • unsupported_certificate / How to do it...
    • certificate_revoked / How to do it...
    • certificate_expired / How to do it...
    • certificate_unknown / How to do it...
    • illegal_parameter / How to do it...
    • unknown_ca / How to do it...
    • access_denied / How to do it...
    • decrypt_error / How to do it...
    • export_restriction / How to do it...
    • protocol_version / How to do it...
    • insufficient_security / How to do it...
    • internal_error / How to do it...
    • user_canceled / How to do it...
    • no_renegotiation / How to do it...
  • Riverbed Cascade
    • URL / Network analysers
  • root servers
    • URL / DNS namespace
  • Round Trip Time (RTT) / How to do it...
  • Round Trip Time Measurement (RTTM) / How it works...
  • Round Trip Time window
    • TCP stream graphs, retrieving / Getting information through TCP stream graphs – the Round Trip Time window, How it works...
  • router
    • monitoring / Monitoring a router
  • routing problems
    • analyzing / Analyzing routing problems, How to do it..., There's more...
  • RPC over HTTPs / Analyzing e-mail traffic and troubleshooting e-mail problems – POP, IMAP, and SMTP
  • RST / How it works…
  • RTCP / Analyzing SIP connectivity
    • about / Introduction, How it works...
    • operation, principles / The RTCP principle of operation, There's more...
  • RTCP connectivity
    • analyzing / Analyzing RTP/RTCP connectivity, How to do it...
  • RTP
    • about / Introduction, How it works...
    • operation, principles / RTP principles of operation
  • RTP connectivity
    • analyzing / Analyzing RTP/RTCP connectivity, How to do it...
  • RTSP
    • about / Introduction
    • troubleshooting / Troubleshooting RTSP, Getting ready, How to do it..., How it works...
    • stream / There's more...

S

  • S-Tag (802.1ad) / There's more…
  • SACK / How it works...
  • scanning
    • about / How it works...
  • scenarios
    • troubleshooting, for video and surveillance applications / Troubleshooting scenarios for video and surveillance applications, How to do it..., How it works...
    • troubleshooting, for IPTV applications / Troubleshooting scenarios for IPTV applications, How it works...
    • troubleshooting, for video conferencing applications / Troubleshooting scenarios for video conferencing applications, How to do it...
  • SCTP / How it works…
    • about / There's more…
  • SDP / How it works..., Analyzing SIP connectivity
    • about / How it works...
  • Second Level Domains (SLDs)
    • URL / DNS namespace
  • Seconds Since Beginning of Capture / How to do it...
  • Seconds Since Epoch / How to do it...
  • Seconds Since Previous Captured Packet / How to do it...
  • Seconds Since Previous Displayed Packet / How to do it...
  • Security Information and Event Management Systems (SIEM) / Getting ready
  • sequence number / RTP principles of operation
  • sequence number field / How it works...
  • server
    • monitoring / Monitoring a server
  • server error codes / 5xx codes – server error
  • server errors / Server errors
  • Server Message Block (SMB) / How it works...
  • Service Provider (SP) / Getting ready
  • service provider (SP) / There's more...
  • Service Provider (SP) network / Monitoring a router
  • Service Set Identification (SSID) / How to do it…
  • Session service (port 139) / Analyzing problems in the NetBIOS protocols
  • SET_PARAMETER / There's more...
  • Sevone
    • URL / The NetFlow, JFlow, and SFlow analyzers
  • sFlow
    • URL / See also
  • SFlow
    • URL / The NetFlow, JFlow, and SFlow analyzers
  • Simple Network Management Protocol (SNMP) / Monitoring a router
  • Simtec Limited
    • URL / HTTP debuggers
  • SIP
    • about / How it works...
  • SIP connectivity
    • analyzing / Analyzing SIP connectivity, Getting ready, How to do it...
    • analyzinmg / Analyzing SIP connectivity
    • 1xx codes (provisional/informational codes) / 1xx codes – provisional/informational
    • 2xx codes (success codes) / 2xx codes – success
    • 3xx codes (redirection codes) / 3xx codes – redirection
    • 4xx codes (client error codes) / 4xx codes – client error
    • 4xx codes (server error codes) / 5xx codes – server error
    • 6xx codes (global failure codes) / 6xx codes – global failure
  • SIP servers
    • proxy server / How it works...
    • redirect server / How it works...
    • registrar server / How it works...
  • Sliding Window mechanism
    • about / TCP Zero Window, Window Full, Window Change, and other Window indicators
  • SMB Mailslot Protocol / A device that generates Broadcasts
  • SMPP (Short Message Peer to Peer protocol) / Graph SMS usage – finding SMS messages sent by a specific subscriber
  • SMS messages
    • by specific subscriber, graphing / Graph SMS usage – finding SMS messages sent by a specific subscriber
  • SMTP
    • about / Analyzing e-mail traffic and troubleshooting e-mail problems – POP, IMAP, and SMTP, SMTP communications
    • status codes, URL / SMTP communications
    • status codes / SMTP and SMTP error codes (RFC3463)
  • SNMP platform / SNMP platforms
  • SNMP tools / SNMP tools
  • Socket Layer/Transport Layer Security (SSL/TLS)
    • about / Analyzing HTTPS traffic – SSL/TLS basics, How it works..., There's more...
  • SolarWinds
    • URL / SNMP platforms
  • Solarwinds
    • URL / SNMP tools
  • SolarWinds Engineering toolset
    • URL / SNMP tools
  • source and destination ports / How it works...
  • SPAN (Switched Port Analyzer) / See also
  • Spanning Tree Problems
    • about / Spanning Tree Problems
  • SPOOLS / How it works...
  • src host <host> filter / Getting ready
  • src net <net> filter / Getting ready
  • src net <net> mask <netmask> filter / Getting ready
  • src port <port> filter / Getting ready
  • start window
    • configuring / Configuring the start window, Getting ready
    • main toolbar / Main Toolbar
    • display filter toolbar / Display Filter Toolbar
    • status bar / Status Bar
  • statistics menu
    • Summary tool, using from / Using the Summary tool from the Statistics menu, How to do it..., How it works...
    • Protocol Hierarchy tool, using from / Using the Protocol Hierarchy tool from the Statistics menu, How to do it..., There's more...
    • Conversations tool, using from / Using the Conversations tool from the Statistics menu, How to do it...
    • Endpoints tool, using from / Using the Endpoints tool from the Statistics menu, How to do it..., How it works...
    • HTTP tool, using from / Using the HTTP tool from the Statistics menu, How to do it...
  • statistics tool
    • about / Introduction
    • using / Introduction
  • status bar
    • about / Status Bar
  • status codes
    • about / Status codes
    • URL / Status codes
  • storm-control action {shutdown | trap} command / There's more…
  • STP
    • analyzing / Analyzing Spanning Tree Protocols, Getting ready
    • about / Analyzing Spanning Tree Protocols
    • version types / Which STP version is running on the network?
    • topology change / Are there too many topology changes?
    • working / How it works...
    • frame fields / How it works...
    • port states / Port states
    • package examples / There's more…
  • STP frame, fields
    • Protocol ID / How it works...
    • Version / How it works...
    • Message Type / How it works...
    • flags / How it works...
    • Root Path Cost / How it works...
    • Bridge ID / How it works...
    • Port ID / How it works...
    • Message Age / How it works...
    • Max. Time / How it works...
    • Hello Time / How it works...
    • Forward Delay / How it works...
  • string calculator
    • URL / See also
  • substring operator filters
    • configuring / Configuring substring operator filters
  • success codes / Success codes, 2xx codes – success
  • SUM (*) / Getting ready
  • Summary tool
    • using, from statistics menu / Using the Summary tool from the Statistics menu, How to do it..., There's more...
  • Summary window / How to do it..., There's more...
  • switch monitoring
    • URL / See also
  • SYN / How it works…
  • Synchronization source (SSRC) / RTP principles of operation
  • Synchronous Digital Hierarchy (SDH) / There's more...
  • Synchronous Optical Network (SONet) / There's more...
  • Syslog
    • URL / Syslog

T

  • TAPs / Monitoring a router
  • TCP
    • configuring / Configuring TCP and UDP
    • about / Introduction
    • configuration / Configuring TCP and UDP preferences for troubleshooting, TCP parameters, How it works...
    • parameters / TCP parameters
    • connection issues / TCP connection problems, Getting ready, How to do it..., How it works...
    • retransmission / TCP retransmission – where do they come from and why
    • retransmission to multiple destinations / Case 1 – retransmissions to many destinations
    • retransmission, on single connection / Case 2 – retransmissions on a single connection
    • retransmission, patterns / Case 3 – retransmission patterns
    • retransmission, due to non-responsive application / Case 4 – retransmission due to a non-responsive application
    • retransmission, due to delayed variations / Case 5 – retransmission due to delayed variations
    • Sequence/Acknowledge mechanism / Regular operation of the TCP Sequence/Acknowledge mechanism
    • retransmissions / What are TCP retransmissions and what do they cause, There's more...
    • out-of order packet events / TCP out-of-order packet events, When will it happen?, How it works...
    • Zero Window / TCP Zero Window, Zero Window Probe, and Zero Window Violation
    • Zero Window Probe / TCP Zero Window, Zero Window Probe, and Zero Window Violation
    • Window Update / TCP Window Update
    • Window Full / TCP Window Full
    • Sliding Window mechanism / How it works...
    • resets / TCP resets and why they happen, How to do it...
    • resets, issues / Cases in which reset can indicate a problem
  • tcp.analysis / Getting ready
  • tcp.analysis.duplicate_ack / Getting ready
  • tcp.analysis.retransmission / Getting ready
  • tcp.analysis.retransmissions / Measuring application throughput
  • tcp.analysis.zero_window / Getting ready, Measuring application throughput
  • tcp.dstport == <value> / Getting ready
  • tcp.flags / Getting ready
  • tcp.flags.fin == 1 / Getting ready
  • tcp.flags.reset == 1 / Getting ready
  • tcp.port == <value> / Getting ready
  • tcp.srcport == <value> / Getting ready
  • tcp.streameq 2 / Measuring application throughput
  • tcp.window_size_value < <value> / Getting ready
  • TCP/IP Guide
    • URL / Books
  • TCP/UDP filters
    • configuring / Configuring TCP/UDP filters, Getting ready, How to do it..., How it works...
  • TCP attacks
    • discovering / Locating smart TCP attacks, How to do it..., There's more...
  • TCP conversations statistics
    • about / TCP/UDP conversations statistics:
  • TCP destination statistics
    • retrieving / How to do it...
  • tcp dst portrange <p1>-<p2> or udp src portrange <p1>-<p2> filter / Getting ready
  • tcpdump
    • about / tcpdump
    • website, URL / tcpdump
    • Windows version, URL / tcpdump
    • tutorial, URL / tcpdump
    • man page, URL / tcpdump
  • TCP filters
    • types, example / How to do it...
  • TCP flows
    • viewing, Flow Graph configured for / Configuring Flow Graph for viewing TCP flows, How it works...
  • TCP packet
    • source and destination ports / How it works...
    • sequence number field / How it works...
    • acknowledgement number field / How it works...
    • header length field / How it works...
    • res field / How it works...
    • flags field / How it works...
    • Rcvr window size field / How it works...
    • checksum field / How it works...
    • options field / How it works...
  • TCP port filter
    • configuring / Configuring TCP/UDP and port filters, How to do it..., How it works…
  • tcp portrange <p1>-<p2> or udp portrange <p1>-<p2> filter / Getting ready
  • TCP retransmissions
    • in stream, monitoring / How to monitor the number of TCP retransmissions in a stream
  • tcp src portrange <p1>-<p2> or udp src portrange <p1>-<p2> filter / Getting ready
  • TCP stream / How to do it...
  • TCP SYN/Port scans
    • discovering / Discovering ICMP and TCP SYN/Port scans, How to do it..., How it works..., See also
  • TEARDOWN command / There's more...
  • telephony and multimedia analysis / Getting ready, How to do it..., How it works..., There's more...
  • throughput
    • about / How it works...
    • measuring, per application over network connection / Measuring bandwidth and throughput per user and per application over a network connection, How to do it..., See also
    • measuring, per user over network connection / Measuring bandwidth and throughput per user and per application over a network connection, How to do it..., See also
  • Throughput Graph window
    • TCP stream graphs, retrieving / Getting information through TCP stream graphs – the Throughput Graph window, How it works...
  • Throughput measurements
    • with IO Graph / Throughput measurements with IO Graph, Getting ready
    • between end devices / Measuring throughput between end devices
    • about / Measuring application throughput
  • Time-Sequence (Stevens) window
    • TCP stream graphs, retrieving / Getting ready, How to do it..., There's more...
  • Time-Sequence (tcp-trace) window
    • TCP stream graphs, retrieving / Getting information through TCP stream graphs – the Time-Sequence (tcp-trace) window, How to do it..., How it works...
  • time format
    • configuring / Getting ready, How to do it...
  • timestamp / RTP principles of operation
  • Timestamps options (TSopt) / How it works...
  • Time to live (TTL) / How it works...
  • TLL / How it works...
  • toolbars
    • configuring / Configuring toolbars
    • using / There's more...
  • Top Level Domain servers (TLDs)
    • URL / DNS namespace
  • total bandwidth
    • measuring, on communication link / Measuring total bandwidth on a communication link, Getting ready, How to do it..., How it works..., There's more...
  • TRACE / HTTP methods
  • Transport Layer Security (TLS) / Colorizing the packet list
  • TTL
    • about / How it works...
  • TTL field / There's more...
  • Type Of Service (ToS) / Configuring of IPv4 and IPv6 Preferences
  • Type of Service (ToS) / How it works...
  • type qualifiers / How it works...

U

  • UDP
    • configuring / Configuring TCP and UDP
    • about / Introduction
    • configuration / Getting ready, UDP parameters
    • parameters / UDP parameters
  • udp.dstport == <value> / Getting ready
  • udp.port == <value> / Getting ready
  • udp.srcport == <value> / Getting ready
  • UDP conversations statistics
    • about / TCP/UDP conversations statistics:
  • UDP destination statistics
    • retrieving / How to do it...
  • UDP port filter
    • configuring / Configuring TCP/UDP and port filters, How it works…
  • unexpected_message / How to do it...
  • unknown_ca / How to do it...
  • unsupported_certificate / How to do it...
  • unusual traffic patterns
    • discovering / Discovering unusual traffic patterns, How to do it..., How it works..., There's more...
  • upper layer / How it works...
  • User Agent (UA)
    • about / How to do it...
  • User Agent Client (UAC) / How it works...
  • User Agents (UAs) / Analyzing SIP connectivity
  • User Agent Server (UAS) / How it works...
  • user interface
    • configuring, in preferences menu / Configuring the user interface in the Preferences menu, How to do it...
  • user_canceled / How to do it...
  • UTC Date and Time of Day / How to do it...

V

  • value pane / Choosing from the filters menu
  • ver / How it works...
  • Version (V) / RTP principles of operation
  • video and surveillance applications
    • scenarios, troubleshooting / Troubleshooting scenarios for video and surveillance applications, How to do it..., How it works...
  • video conferencing applications
    • scenarios, troubleshooting / Troubleshooting scenarios for video conferencing applications, How to do it...
  • viruses / How it works...
  • VLAN
    • about / Analyzing VLANs and VLAN tagging issues
    • internal traffic, analyzing / Monitoring traffic inside a VLAN
  • vlan <vlan_id> filter / Getting ready
  • VLAN tagged port
    • tagged frames, viewing through / Viewing tagged frames going through a VLAN tagged port, How it works..., There's more…
  • VLAN tagging issues
    • analyzing / Getting ready
  • VRFs
    • about / Finding out what is running over your network

W

  • WAF
    • URL / See also
  • warning events
    • about / Warning events and understanding them, How it works...
  • warnings tab / How to do it...
  • Web Application Firewalls (WAF) / Getting ready, There's more...
  • Web Filters
    • about / There's more...
    • URL / See also
  • Websense
    • URL / See also
  • WIFi Locator / How to do it…
  • WildPackets OmniPeak
    • URL / Network analysers
  • Window Full, TCP
    • about / TCP Window Full
  • Window Scaling Graph window
    • TCP stream graphs, retrieving / Getting information through TCP stream graphs – the Window Scaling Graph window, How to do it..., There's more...
  • Windows Size (WSopt) / How it works...
  • Window Update, TCP
    • about / TCP Window Update
  • WinPcap
    • URL / See also
  • WinPCap (Windows capture driver)
    • URL / Useful Wireshark links
  • Wireless LAN (Wi-Fi) / Analyzing wireless (Wi-Fi) problems
  • Wireless LAN (Wi-Fi) problems
    • analyzing / Analyzing wireless (Wi-Fi) problems, How to do it…
  • Wireless LAN standards
    • working / How it works…
  • Wireshark
    • locating / Locating Wireshark, How to do it...
    • updated version, URL / Getting ready
    • stable release, URL / Getting ready
    • server, monitoring / Monitoring a server
    • router, monitoring / Monitoring a router
    • firewall, monitoring / Monitoring a firewall
    • capture of data, starting / Starting the capture of data, How to do it...
    • start window, configuring / Configuring the start window, Getting ready
    • time format, configuring / Using time values and summaries, How to do it...
    • coloring rules, configuring / Configuring coloring rules and navigation techniques, Getting ready, How to do it...
    • user interface in preferences menu, configuring / Configuring the user interface in the Preferences menu, How to do it...
    • protocol preferences, configuring / Configuring protocol preferences, Getting ready
    • statistics tool / Introduction
    • Expert Infos window / How it works...
    • for telephony / Using Wireshark's features for telephony and multimedia analysis, Getting ready, How to do it..., How it works...
    • for multimedia analysis / Getting ready, How to do it..., How it works...
    • used, for monitoring jitter / Monitoring jitter and delay using Wireshark, How to do it..., How it works..., There's more...
    • used, for monitoring delay / Monitoring jitter and delay using Wireshark, How to do it..., How it works..., There's more...
    • open source software, URL / Useful Wireshark links
  • Wireshark$ Capture Filter window / How it works...
  • Wireshark filter page
    • URL / Interesting websites
  • Wireshark filters
    • URL / Interesting websites
  • Wireshark links
    • URL / Useful Wireshark links
    • downloads page, URL / Useful Wireshark links
    • learning page, URL / Useful Wireshark links
  • worms / How it works...

X

  • 1xx codes / 1xx codes – provisional/informational
  • 2xx codes / 2xx codes – success
  • 3xx codes / 3xx codes – redirection
  • 4xx codes / 4xx codes – client error
  • 5xx codes / 5xx codes – server error
  • 6xx codes / 6xx codes – global failure
  • X Axis
    • configuring / X-Axis configuration
  • XML Packet Details (*.pdml) / Saving data in various formats
  • XML Packet Summary (*.psml) / Saving data in various formats
  • Xplico
    • URL / There's more..., Other stuff

Y

  • Y Axis
    • configuring / Y-Axis configuration

Z

  • Zabbix
    • URL / SNMP platforms
  • Zero Window, TCP
    • about / TCP Zero Window, Zero Window Probe, and Zero Window Violation
  • Zero Window Probe, TCP
    • about / TCP Zero Window, Zero Window Probe, and Zero Window Violation
lock icon The rest of the chapter is locked
arrow left Previous Section
Section 1 of 1
Register for a free Packt account to unlock a world of extra content!
A free Packt account unlocks extra newsletters, articles, discounted offers, and much more. Start advancing your knowledge today.
Sign up now
Unlock this book and the full library FREE for 7 days
Get unlimited access to 7000+ expert-authored eBooks and videos courses covering every tech area you can think of
Start free trial
Renews at $15.99/month. Cancel anytime

Authors (1)

Profile icon Orzach
Orzach
LinkedIn icon
Yoram Orzach is a senior networks and networks security advisor, providing network design and network security consulting services to a range of clients. Having spent thirty years in network and information security, Yoram has worked as a network and security engineer across many verticals in roles ranging from a network engineer, security consultant, and instructor. Yoram has gained his B.Sc. from the Technion in Haifa, Israel. Yoram's experience is both with corporate networks; service providers and Internet service providers' networks. His customers are Motorola solutions, Elbit Systems, 888, Taboola, Bezeq, PHI Networks, Cellcom, Strauss group, and many other hi-tech companies.
Read more
See other products by Orzach
Visually different images

Personalised recommendations for you

Based on your interests and search pattern
Left arrow icon
Mastering Palo Alto Networks
Mastering Palo Alto Networks
Read more
Mastering Palo Alto Networks is a hands-on guide that helps you progress from a beginner to an expert in configuring Palo Alto firewalls. It covers setup, management, and optimization with real-world examples for both on-prem and cloud environments.
Read more
May 2025 21h 32m
Cloud Native Anti-Patterns
Cloud Native Anti-Patterns
Read more
Uncover and fix cloud native anti-patterns across strategy, culture, security, and operations. This book guides you through the practical steps to avoid common traps and shift your organization toward cloud-native best practices that drive lasting success.
Read more
Mar 2025 14h 44m
AWS for System Administrators
AWS for System Administrators
Read more
Master the art of designing, deploying, and managing AWS infrastructure with industry best practices. You'll learn to automate workflows, optimize costs, and implement robust disaster recovery strategies for scalable cloud success.
Read more
May 2025 14h 12m
Kubernetes for Generative AI Solutions
Kubernetes for Generative AI Solutions
Read more
Learn step by step how to design, optimize, and deploy Generative AI projects on Kubernetes. Covering networking, observability, security, scaling, and cost optimization strategies, this guide takes you from first deployment to production excellence.
Read more
Jun 2025 11h 8m
Azure Cloud Projects
Azure Cloud Projects
Read more
Azure Cloud Projects offers a hands-on introduction to Microsoft Azure, designed to help you build real-world cloud solutions, develop job-ready skills, and apply best practices that are widely used across the cloud computing industry.
Read more
May 2025 8h 28m
Sustainable Cloud Development
Sustainable Cloud Development
Read more
This book introduces best practices for developing and deploying high-performing, eco-friendly cloud applications, helping you meet sustainability goals while delivering efficient cloud solutions.
Read more
Mar 2025 9h 12m
SLIs and SLOs Demystified
SLIs and SLOs Demystified
Read more
This comprehensive guide to reliability engineering dives deep into SLIs, SLOs, observability, and incident management. It shows you how to optimize system reliability and make data-driven decisions to balance performance and business goals.
Read more
Apr 2025 10h 0m
Right arrow icon