Chapter 5. ADVANCED WIRESHARK FEATURES

Once you master the basic concepts of Wireshark, you will probably want to delve further into some of its more advanced features. In this chapter we'll look at some of these powerful features, including name resolution, protocol dissection, and packet reassembly.

Name Resolution

Network data is transported via various alphanumeric addressing systems that are often too long or complicated to remember, such as the physical hardware address 00:16:CE:6E:8B:24. Name resolution (also called name lookup) is the process a protocol uses to convert one identifying address into another. For example, while a computer might have the physical address 00:16:CE:6E:8B:24, the DNS and ARP protocols allow us to see its name as ...

Get Practical Packet Analysis now with the O’Reilly learning platform.

O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.

Start your free trial

Practical Packet Analysis by

Chapter 5. ADVANCED WIRESHARK FEATURES

Name Resolution

Don’t leave empty-handed

It’s yours, free.

Check it out now on O’Reilly