Imperial Library
Index
Practical Packet Analysis
ACKNOWLEDGMENTS Introduction
Why This Book? Concepts and Approach How to Use This Book About the Example Capture Files
1. PACKET ANALYSIS AND NETWORK BASICS
What Is Packet Analysis? Evaluating a Packet Sniffer
Supported Protocols User Friendliness Cost Program Support Operating System Support
How Packet Sniffers Work
Collection Conversion Analysis
How Computers Communicate
Networking Protocols The Seven-Layer OSI Model
The Application Layer The Presentation Layer The Session Layer The Transport Layer The Network Layer The Data Link Layer The Physical Layer
Protocol Interaction Data Encapsulation The Protocol Data Unit Network Hardware
Hubs Switches Routers
Traffic Classifications
Broadcast Traffic Multicast Traffic Unicast Traffic Broadcast Domains
2. TAPPING INTO THE WIRE
Living Promiscuously Sniffing Around Hubs Sniffing in a Switched Environment
Port Mirroring Hubbing Out ARP Cache Poisoning Using Cain & Abel
Sniffing in a Routed Environment Network Maps
3. INTRODUCTION TO WIRESHARK
A Brief History of Wireshark The Benefits of Wireshark
Supported Protocols User Friendliness Cost Program Support Operating System Support
Installing Wireshark
System Requirements Installing on Windows Systems Installing on Linux Systems
RPM-based Systems DEB-based Systems
Wireshark Fundamentals
Your First Packet Capture The Main Window
Packet List Pane Packet Details Pane Packet Bytes Pane
The Preferences Dialog
User Interface Capture Printing Name Resolution Protocols
Packet Color Coding
4. WORKING WITH CAPTURED PACKETS
Finding and Marking Packets
Finding Packets Marking Packets
Saving and Exporting Capture Files
Saving Capture Files Exporting Capture Data
Merging Capture Files Printing Packets Time Display Formats and References
Time Display Formats Packet Time Referencing
Capture and Display Filters
Capture Filters Display Filters The Filter Expression Dialog (the Easy Way) The Filter Expression Syntax Structure (the Hard Way)
Filtering Specific Protocols Comparison Operators Logical Operators Sample Filter Expressions
Saving Filters
5. ADVANCED WIRESHARK FEATURES
Name Resolution
Types of Name Resolution Tools in Wireshark
MAC Name Resolution Network Name Resolution Transport Name Resolution
Enabling Name Resolution Potential Drawbacks to Name Resolution
Protocol Dissection Following TCP Streams The Protocol Hierarchy Statistics Window Viewing Endpoints Conversations The IO Graphs Window
6. COMMON PROTOCOLS
Address Resolution Protocol Dynamic Host Configuration Protocol TCP/IP and HTTP
TCP/IP Establishing the Session
The SYN Packet SYN/ACK, the Server Response The Final ACK Packet
Beginning the Flow of Data HTTP Request and Transmission Terminating the Session
Domain Name System File Transfer Protocol
CWD Command SIZE Command RETR Command
Telnet Protocol MSN Messenger Service Internet Control Message Protocol Final Thoughts
7. BASIC CASE SCENARIOS
A Lost TCP Connection Unreachable Destinations and ICMP Codes
Unreachable Destination Unreachable Port
Fragmented Packets
Determining Whether a Packet Is Fragmented Keeping Things in Order
No Connectivity
What We Know Tapping into the Wire Analysis Summary
The Ghost in Internet Explorer
What We Know Tapping into the Wire Analysis Summary
Inbound FTP
What We Know Tapping into the Wire Analysis Summary
It's Not My Fault!
What We Know Tapping into the Wire Analysis Summary
An Evil Program
What We Know Tapping into the Wire Analysis
Filtering out the Good Remote Connection Attempts Closing In on the Problem
Summary
Final Thoughts
8. FIGHTING A SLOW NETWORK
Anatomy of a Slow Download A Slow Route
What We Know Tapping into the Wire Analysis Summary
Double Vision
What We Know Tapping into the Wire Analysis Summary
Did That Server Flash Me?
What We Know Tapping into the Wire Analysis Summary
A Torrential Downfall
What We Know Tapping into the Wire Analysis Summary
POP Goes the Email Server
What We Know Tapping into the Wire Analysis Summary
Here's Something Gnu
What We Know Tapping into the Wire Analysis Summary
Final Thoughts
9. SECURITY-BASED ANALYSIS
OS Fingerprinting A Simple Port Scan The Flooded Printer
What We Know Tapping into the Wire Analysis Summary
An FTP Break-In
What We Know Tapping into the Wire Analysis Summary
Blaster Worm
What We Know Tapping into the Wire Analysis Summary
Covert Information
What We Know Tapping into the Wire Analysis Summary
A Hacker's Point of View
What We Know Tapping into the Wire Analysis Summary
10. SNIFFING INTO THIN AIR
Sniffing One Channel at a Time Wireless Signal Interference Wireless Card Modes Sniffing Wirelessly in Windows
Configuring AirPcap Capturing Traffic with AirPcap
Sniffing Wirelessly in Linux 802.11 Packet Extras
802.11 Flags The Beacon Frame
Wireless-Specific Columns Wireless-Specific Filters
Filtering Traffic for a Specific BSS Id Filtering Specific Wireless Packet Types Filtering Specific Data Types
A Bad Connection Attempt
What We Know Tapping into the Wire Air Analysis Summary
Final Thoughts
11. FURTHER READING AFTERWORD About the Authors COLOPHON