Laura Chappell

Broschiertes Buch

Wireshark Workbook 1

Practice, Challenges, and Solutions

Herausgeber: Aragon, James

Wireshark is the world's most popular network analyzer, used for troubleshooting, forensics, optimization, and more. It's considered one of the most successful open source projects of all time. Laura Chappell has been involved in the Wireshark project since its infancy (then called Ethereal) and is regarded as the leading authority on network protocol analysis and forensics using Wireshark. Laura Chappell, Protocol Analysis Institute, and Chappell University are not affiliated with the Wireshark Foundation. The WCNA Certification is the top global program for network analysis, with certified analysts in over 90 countries and DoD 8570 certification since 2009. This book features 16 labs based on Laura's popular "Packet Challenges," introduced at trade shows over a decade ago. You'll test your Wireshark and TCP/IP skills by answering questions based on trace files, followed by Laura's detailed, step-by-step solutions. Lab 1: Wireshark Warm-Up Objective: Get Comfortable with the Lab Process. Completion of this lab requires many of the skills you will use throughout this lab book. If you are a bit shaky on any answer, take time when reviewing the answers to this lab to ensure you have mastered the necessary skill(s). Lab 2: Proxy Problem Objective: Examine issues that relate to a web proxy connection problem. Lab 3: HTTP vs. HTTPS Objective: Analyze and compare HTTP and HTTPS communications and errors using inclusion and field existence filters. Lab 4: TCP SYN Analysis Objective: Filter on and analyze TCP SYN and SYN/ACK packets to determine the capabilities of TCP peers and their connections. Lab 5: TCP SEQ/ACK Analysis Objective: Examine and analyze TCP sequence and acknowledgment numbering and Wireshark's interpretation of non-sequential numbering patterns. Lab 6: You're Out of Order! Objective: Examine Wireshark's process of distinguishing between out-of-order packets and retransmissions and identify mis-identifications. Lab 7: Sky High Objective: Examine and analyze traffic captured as a host was redirected to a malicious site. Lab 8: DNS Warm-Up Objective: Examine and analyze DNS name resolution traffic that contains canonical name and multiple IP address responses. Lab 9: Hacker Watch Objective: Analyze TCP connections and FTP command and data channels between hosts. Lab 10: Timing is Everything Objective: Analyze and compare path latency, name resolution, and server response times. Lab 11: The News Objective: Analyze capture location, path latency, response times, and keepalive intervals between an HTTP client and server. Lab 12: Selective ACKs Objective: Analyze the process of establishing Selective acknowledgment (SACK) and using SACK during packet loss recovery. Lab 13: Just DNS Objective: Analyze, compare, and contrast various DNS queries and responses to identify errors, cache times, and CNAME (alias) information. Lab 14: Movie Time Objective: Use various display filter types, including regular expressions (regex), to analyze HTTP redirections, end-of-field values, object download times, errors, response times and more. Lab 15: Crafty Objective: Practice your display filter skills using "contains" operators, ASCII filters, and inclusion/exclusion filters, while analyzing TCP and HTTP performance parameters. Lab 16: Pattern Recognition Objective: Focus on TCP conversations and endpoints while analyzing TCP sequence numbers, Window Scaling, keep-alive, and Selective Acknowledgment capabilities.

Laura Chappell has been a protocol analyst for almost 30 years - yes, she has gray hair! Back in the 1990s, Laura became a networking evangelist and member of the IEEE while working at Novell. Laura is the CEO and Founder of Protocol Analysis Institute, Inc., and Chappell University. Laura began using Wireshark as her sole network analysis tool when it was in its infancy (under the Ethereal name) and is the original creator of Wireshark University. Laura Chappell, Protocol Analysis Institute, and Chappell University are not affiliated with the Wireshark Foundation. Laura Chappell, Protocol Analysis Institute, and Chappell University do not accept compensation to promote products and continue to prioritize unbiased, education-driven instruction. Laura teaches courses online and onsite and continues to research and write about troubleshooting, optimization, and security techniques for both terrestrial and interplanetary network systems. Laura's customers include many of the Fortune 100, as well as local, national, and international law enforcement agencies. Visit chappell-university.com for more information on Laura Chappell's projects, join her newsletter and read her blog (In Laura's Lab). Laura's courses are available online at chappell.talentlms.com. Ms. Chappell can be reached at laura@chappellu.com.

• Verlag: Laura Chappell University
• Seitenzahl: 364
• Erscheinungstermin: 11. November 2019
• Englisch
• Abmessung: 280mm x 216mm x 20mm
• Gewicht: 915g
• ISBN-13: 9781893939646
• ISBN-10: 1893939642
• Artikelnr.: 59458989