The Wireshark Field Guide

Book Description

The Wireshark Field Guide provides hackers, pen testers, and network administrators with practical guidance on capturing and interactively browsing computer network traffic. Wireshark is the world's foremost network protocol analyzer, with a rich feature set that includes deep inspection of hundreds of protocols, live capture, offline analysis and many other features.

The Wireshark Field Guide covers the installation, configuration and use of this powerful multi-platform tool. The book gives readers the hands-on skills to be more productive with Wireshark as they drill down into the information contained in real-time network traffic. Readers will learn the fundamentals of packet capture and inspection, the use of color codes and filters, deep analysis (including probes and taps), and much more.

The Wireshark Field Guide is an indispensable companion for network technicians, operators, and engineers.

  • Learn the fundamentals of using Wireshark in a concise field manual
  • Quickly create functional filters that will allow you to get to work quickly on solving problems
  • Understand the myriad of options and the deep functionality of Wireshark
  • Solve common network problems
  • Learn some advanced features, methods and helpful ways to work more quickly and efficiently

Table of Contents

  1. Cover image
  2. Title page
  3. Table of Contents
  4. Copyright
  5. Dedication
  6. Preface
  7. About the Author
  8. Acknowledgment
  9. Introduction
    1. About Wireshark
    2. Installing Wireshark
    3. Configuring a System
    4. Capturing Packets
    5. Color Codes
    6. Filters
    7. Sample Captures
    8. Inspecting Packets
    9. Deep Analysis
    10. Saving Captures
  10. Chapter 1. About Wireshark
    1. 1.1 Introduction
    2. 1.2 What Is Wireshark?
    3. 1.3 What Is Network and Protocol Analysis?
    4. 1.4 The History of Wireshark
    5. 1.5 Troubleshooting Problems
    6. 1.6 Using Wireshark to Analyze Data
    7. 1.7 The OSI Model
    8. 1.8 Summary
  11. Chapter 2. Installing Wireshark
    1. 2.1 Introduction
    2. 2.2 Getting Started
    3. 2.3 Requirements
    4. 2.4 Installation Preparation
    5. 2.5 Installing Wireshark
    6. 2.6 Summary
  12. Chapter 3. Configuring a System
    1. 3.1 Introduction
    2. 3.2 Getting Started
    3. 3.3 Configuring a Cisco Port Monitor
    4. 3.4 Other Tools and Methodologies
    5. 3.5 Summary
  13. Chapter 4. Capturing Packets
    1. 4.1 Introduction
    2. 4.2 Getting Started
    3. 4.3 Summary
  14. Chapter 5. Color Codes
    1. 5.1 Getting Started
    2. 5.2 Creating Color Code Lists
    3. 5.3 Adding and Removing Filters
    4. 5.4 Other Coloring Options
    5. 5.5 Summary
  15. Chapter 6. Filters
    1. 6.1 Getting Started
    2. 6.2 Applying a Filter
    3. 6.3 Advanced Filter Creation
    4. 6.4 Other Filtering Techniques
    5. 6.5 Customized Filtering and Troubleshooting
    6. 6.6 Conversation Filters
    7. 6.7 Summary
  16. Chapter 7. Sample Captures
    1. 7.1 Getting Started
    2. 7.2 Sample Captures
    3. 7.3 Expert Analysis
    4. 7.4 Flow Graphs
    5. 7.5 Summary
  17. Chapter 8. Inspecting Packets
    1. 8.1 Getting Started
    2. 8.2 Understanding the Technology
    3. 8.3 Capturing and Filtering Data
    4. 8.4 Inspection of the Data
    5. 8.5 Analysis Tools
    6. 8.6 Summary
  18. Chapter 9. Deep Analysis
    1. 9.1 Getting Started
    2. 9.2 Deep Analysis
    3. 9.3 Analyzing Flow
    4. 9.4 Troubleshooting Phones
    5. 9.5 Security Analysis
    6. 9.6 Network Performance Analysis and Optimization
    7. 9.7 Using Wireshark Online
    8. 9.8 Summary
  19. Chapter 10. Saving Captures
    1. 10.1 Getting Started
    2. 10.2 Saving Captures
    3. 10.3 Saving Captures (Multiple Files)
    4. 10.4 Saving in Other Formats
    5. 10.5 Importing and Exporting Data
    6. 10.6 Merging Data
    7. 10.7 Summary