Instant Traffic Analysis with Tshark How-to
By Borja Merino
()
About this ebook
Related to Instant Traffic Analysis with Tshark How-to
Related ebooks
Penetration Testing Bootcamp Rating: 5 out of 5 stars5/5Netcat Power Tools Rating: 3 out of 5 stars3/5Wireshark Network Security Rating: 3 out of 5 stars3/5Nmap Essentials Rating: 4 out of 5 stars4/5Wireshark Essentials Rating: 0 out of 5 stars0 ratingsHands-On Network Forensics: Investigate network attacks and find evidence using common network forensic tools Rating: 0 out of 5 stars0 ratingsMastering Wireshark Rating: 2 out of 5 stars2/5Kali Linux Wireless Penetration Testing Essentials Rating: 5 out of 5 stars5/5Penetration Testing with BackBox Rating: 0 out of 5 stars0 ratingsPacket Analysis with Wireshark Rating: 0 out of 5 stars0 ratingsMastering the Nmap Scripting Engine Rating: 0 out of 5 stars0 ratingsMastering Kali Linux for Advanced Penetration Testing - Second Edition Rating: 0 out of 5 stars0 ratingsLearning Penetration Testing with Python Rating: 0 out of 5 stars0 ratingsKali Linux Network Scanning Cookbook - Second Edition Rating: 0 out of 5 stars0 ratingsApplied Network Security Rating: 0 out of 5 stars0 ratingsThe Wireshark Field Guide: Analyzing and Troubleshooting Network Traffic Rating: 4 out of 5 stars4/5Packet Tracer Network Simulator Rating: 5 out of 5 stars5/5Hack Proofing Your Network Rating: 0 out of 5 stars0 ratingsBuilding a Pentesting Lab for Wireless Networks Rating: 0 out of 5 stars0 ratingsEssential Skills for Hackers Rating: 3 out of 5 stars3/5Nmap in the Enterprise: Your Guide to Network Scanning Rating: 0 out of 5 stars0 ratingsBeginning Ethical Hacking with Kali Linux: Computational Techniques for Resolving Security Issues Rating: 0 out of 5 stars0 ratingsCuckoo Malware Analysis Rating: 0 out of 5 stars0 ratingsNetwork Performance and Security: Testing and Analyzing Using Open Source and Low-Cost Tools Rating: 0 out of 5 stars0 ratingsKali Linux 2: Windows Penetration Testing Rating: 5 out of 5 stars5/5Instant Java Password and Authentication Security Rating: 0 out of 5 stars0 ratingsMastering Python Forensics Rating: 4 out of 5 stars4/5Web Penetration Testing with Kali Linux Rating: 5 out of 5 stars5/5
Networking For You
Mike Meyers' CompTIA Network+ Certification Passport, Sixth Edition (Exam N10-007) Rating: 1 out of 5 stars1/5Networking All-in-One For Dummies Rating: 5 out of 5 stars5/5Linux Bible Rating: 0 out of 5 stars0 ratingsNetworking For Dummies Rating: 5 out of 5 stars5/5Practical Ethical Hacking from Scratch Rating: 5 out of 5 stars5/5SharePoint For Dummies Rating: 0 out of 5 stars0 ratingsAWS Certified Cloud Practitioner Study Guide: CLF-C01 Exam Rating: 5 out of 5 stars5/5Network+ Study Guide & Practice Exams Rating: 4 out of 5 stars4/5CompTIA Network+ Certification Guide (Exam N10-008): Unleash your full potential as a Network Administrator (English Edition) Rating: 0 out of 5 stars0 ratingsQuantum Computing For Dummies Rating: 0 out of 5 stars0 ratingsHacking Android Rating: 4 out of 5 stars4/5CompTIA Network+ Practice Tests: Exam N10-008 Rating: 0 out of 5 stars0 ratingsThe Compete Ccna 200-301 Study Guide: Network Engineering Edition Rating: 5 out of 5 stars5/5Windows Command Line Administration Instant Reference Rating: 0 out of 5 stars0 ratingsCCNA Certification Study Guide, Volume 2: Exam 200-301 Rating: 0 out of 5 stars0 ratingsCompTIA Network+ Certification Study Guide: Exam N10-004: Exam N10-004 2E Rating: 4 out of 5 stars4/5Cybersecurity: The Beginner's Guide: A comprehensive guide to getting started in cybersecurity Rating: 5 out of 5 stars5/5Earning Money through Crypto Currency Airdrops, Faucets, Cloud Mining, Online Trading and Online Advertisements Rating: 0 out of 5 stars0 ratingsUnlock Any Roku Device: Watch Shows, TV, & Download Apps Rating: 0 out of 5 stars0 ratingsCisco Networking All-in-One For Dummies Rating: 4 out of 5 stars4/5Applied Network Security Monitoring: Collection, Detection, and Analysis Rating: 3 out of 5 stars3/5Raspberry Pi Electronics Projects for the Evil Genius Rating: 3 out of 5 stars3/5Cisco Packet Tracer for Beginners Rating: 5 out of 5 stars5/5The Windows Command Line Beginner's Guide: Second Edition Rating: 4 out of 5 stars4/5MCA Microsoft Certified Associate Azure Administrator Study Guide: Exam AZ-104 Rating: 0 out of 5 stars0 ratingsAmazon Web Services (AWS) Interview Questions and Answers Rating: 5 out of 5 stars5/5Programming Arduino: Getting Started with Sketches Rating: 4 out of 5 stars4/5Home Networking Do-It-Yourself For Dummies Rating: 4 out of 5 stars4/5
Reviews for Instant Traffic Analysis with Tshark How-to
0 ratings0 reviews
Book preview
Instant Traffic Analysis with Tshark How-to - Borja Merino
Table of Contents
Instant Traffic Analysis with Tshark How-to
Credits
About the Author
About the Reviewer
www.PacktPub.com
Support files, eBooks, discount offers and more
Why Subscribe?
Free Access for Packt account holders
Preface
What this book covers
What you need for this book
Who this book is for
Conventions
Reader feedback
Customer support
Errata
Piracy
Questions
1. Instant Traffic Analysis with Tshark How-to
Capturing data with Tshark (Must know)
Getting ready
How to do it...
How it works...
Capturing traffic (Must know)
How to do it...
Bridge mode
Packet capturing
Port mirroring
Remote capture with rpcapd
ARP spoofing
How it works...
Delimiting network problems (Should know)
How to do it...
How it works...
Implementing useful filters (Should know)
How to do it...
Malicious domains
Passive DNS
Matches operator
How it works...
There's more...
Decoding protocols (Become an expert)
How to do it...
How it works...
Auditing network attacks (Become an expert)
How to do it...
ARP spoofing
DHCP spoofing
DoS attacks
How it works...
There's more...
Analyzing network forensic data (Become an expert)
Getting ready
How to do it...
There's more...
Auditing network applications (Must know)
How to do it...
There's more...
Analyzing malware traffic (Must know)
Getting ready
How to do it...
How it works...
There's more...
Automating tasks (Must know)
Getting ready
How to do it...
How it works...
There's more...
Instant Traffic Analysis with Tshark How-to
Instant Traffic Analysis with Tshark How-to
Copyright © 2013 Packt Publishing
All rights reserved. No part of this book may be reproduced, stored in a retrieval system, or transmitted in any form or by any means, without the prior written permission of the publisher, except in the case of brief quotations embedded in critical articles or reviews.
Every effort has been made in the preparation of this book to ensure the accuracy of the information presented. However, the information contained in this book is sold without warranty, either express or implied. Neither the author, nor Packt Publishing, and its dealers and distributors will be held liable for any damages caused or alleged to be caused directly or indirectly by this book.
Packt Publishing has endeavored to provide trademark information about all of the companies and products mentioned in this book by the appropriate use of capitals. However, Packt Publishing cannot guarantee the accuracy of this information.
First published: April 2013
Production Reference: 1170413
Livery Place
35 Livery Street
Birmingham B3 2PB, UK
ISBN 978-1-78216-538-5
www.packtpub.com
Credits
Author
Borja Merino
Reviewer
Nelo Belda Atoche
IT Content Commissioning Editor
James Jones
Commissioning Editor
Ameya Sawant
Technical Editor
Varun Pius Rodrigues
Project Coordinator
Sneha Modi
Proofreader
Stephen Copestake
Graphics
Ronak Dhruv
Production Coordinator
Shantanu Zagade
Cover Work
Shantanu Zagade
Cover Image
Conidon Miranda
About the Author
Borja Merino is a security researcher from León, Spain. He studied Computer Science at the Pontificia University of Salamanca and he is certified in OSCP, OSWP, OSCE, CCNA Security, CCSP, Cisco Firewall, SMFE, CISSP, and NSTISSI 4011. He has published several papers about pentesting and exploiting. He is also a Metasploit community contributor and one of the authors of the blog www.securityartwork.com, where he regularly writes security articles. You can follow him on Twitter at @BorjaMerino.
I would like to dedicate this book (my first mini book) to my family, especially my parents and my brother, the most important people to me. Of course, I also dedicate it to my girlfriend and my best colleagues although some of them do not even know what a protocol analyzer is.
Finally, I would like to give special thanks to the Technical Reviewer Nelo and my friend Alfon who, without hesitation, offered to help me with the review of the book. Thank you guys!
About the Reviewer
Nelo Belda Atoche is a Security Analyst in S2 Grupo. He received a Technical Engineering degree in Telecommunication from the Universitat Politècnica de València and a Master’s degree in Information Systems and Technology Management and Administration from the Universitat Oberta de Catalunya. Since his early student years, he has been focused on Computer Security.
He currently works as an Incident Handler (GIAC Certified on Incident Handler, GCIH) in a Computer Security Incident Response Team, at the Spanish company S2 Grupo. He performs tasks of network and computer analysis and forensics, incident response, and IDS/IPS management, among others. He also has collaborated on various technical reports, about critical infrastructure protection, as well as in the blog SecurityArtWork.
www.PacktPub.com
Support files, eBooks, discount offers and more
You might want to visit www.PacktPub.com for support files and downloads related to your book.
Did you know that Packt offers eBook versions of every book published, with PDF and ePub files available? You can upgrade to the eBook version at www.PacktPub.com