Wireshark 101: Packet Analysis Essentials

Wireshark can be intimidating. When we first start examining a trace file with Wireshark, some basic questions flood into our minds: What should we look for? Where do we start? How can we find the packets that matter? What filters should we use? This course addresses these questions in detail. Throughout this course, we are going to look at real-world examples of how to practically use Wireshark to solve network problems and isolate cybersecurity incidents. This skill will help all IT engineers improve their analysis and troubleshooting skills. Assignments have been designed with participation in mind. Download the trace file, try your hand at the questions that go along with it, and see if you can solve the network puzzle in the packets. While learning the art of packet analysis, we will also explore the Wireshark interface, configure custom columns, filters, and coloring rules, and learn how to customize the layout so we can spot problems fast…


  • Copyright 2024
  • By: Chris Greer
  • Price: $299.99
  • Edition: 1st
  • ISBN-10: 0-13-824093-0
  • ISBN-13: 978-0-13-824093-6
  • By: Addison-Wesley Professional

4 hours of video training to help you go from Packet Zero to Packet Hero with this Practical Wireshark course.

Wireshark can be intimidating. When we first start looking at a trace file with Wireshark, some basic questions begin flooding into our minds:

What should we look for? Where do we start? How can we find the packets that matter? What filters should we use? What is “normal” and what can we ignore in all this data?

This course addresses these questions in detail. Throughout this course, we are going to look at real-world examples of how to practically use Wireshark to solve network problems and isolate cybersecurity incidents. This skill will help all IT engineers improve their analysis and troubleshooting skills. Assignments have been designed with participation in mind. Download the trace file, try your hand at the questions that go along with it, and see if you can solve the network puzzle in the packets. While learning the art of packet analysis, we will also explore the Wireshark interface, configure custom columns, filters, and coloring rules, and learn how to customize the layout so we can spot problems fast. This course will give you comfort with the Wireshark interface and the experience you need to understand core protocols.

Skill Level:

  • Beginner

Learn How To:

  • Capture and interpret network traffic with Wireshark
  • Understand core networking protocols – DHCP, DNS, TCP/IP
  • Troubleshoot the top five network problems with Wireshark
  • Analyze a cybersecurity attack with Wireshark

Topics include:

  • Installing Wireshark and the Command Line Tools
  • Wireshark Profiles
  • Configuring Profiles
  • Special Operators – Contains, Matches, and In
  • Creating Display Filters in Wireshark
  • Capturing Traffic with the Wireshark User Interface
  • How and Where to Capture Packets
  • Analyzing TCP Options
  • And more

Course Requirements:

Overall networking concepts: routing, switching, firewalls, and the basics of how packets flow through a network. A CCNA level of experience is not required; however, it would be a good starting point.

Download Wireshark from wireshark.org

Who Should Take This Course:

  • Network Engineers and Cybersecurity professionals who want to learn Wireshark
  • Threat hunters who want to learn to dig into protocols.

Table of Contents


Lesson 1: Introduction to Wireshark

Learning objectives

1.1 Installing Wireshark

1.2 Your First Packet Capture

1.3 Where to capture on the network

1.4 Lab: How to Capture Network Traffic

1.5 Packet Capture Best Practices

Lesson 2: The Wireshark Interface

Learning objectives

2.1 The Default Interface

2.2 Configuring Columns

2.3 Coloring Traffic

2.4 Creating Profiles

2.5 Lab: Creating Profiles that make analysis faster

Lesson 3: How to Interpret Network Traffic

Learning objectives

3.1 The Anatomy of a Packet

3.2 The Ethernet Frame

3.3 The IP Header

3.4 The TCP Header

3.5 Lab: The Detail View in Wireshark

3.6 Lab: Finding Clear Text Strings/Passwords

Lesson 4: Filtering Network Traffic

Learning objectives

4.1 Capture Filters vs Display Filters

4.2 Filtering for IP Addresses

4.3 Filtering for TCP Conversations

4.4 Finding Text Strings

4.5 Using Time-Based Filters

4.6 Lab: Isolating Important Conversations

4.7 Lab: Removing the Unnecessary

4.8 Lab: Exporting Key Packets

Lesson 5: The Top Five Network Problems

Learning objectives

5.1 Lab: How to Identify Packet Loss

5.2 Lab: Network Congestion Slows Applications

5.3 Lab: Busy Systems and Servers

5.4 Lab: Application Latency and Turns

5.5 Lab: Protocol Problems TCP Issues

Lesson 6: What's Next?

Learning objectives

6.1 How to get more experience with Wireshark

6.2 Next Courses to take

