What do you think?
Rate this book
Mastering Wireshark 2: Leverage Wireshark 2 to address a wide range of information security challenges
Wireshark, a combination of Kali and Metasploit, deals with the second to the seventh layer of network protocols. The book will introduce to various protocol analysis methods and will teach you how to analyze them. You will discover and work with some advanced features which will enhance the capabilities of your application. By the end, you ...
326 pages, ebook
Published May 31, 2018
1 person want to read
Ratings & Reviews
Friends & Following
Create a free account to discover what your friends think of this book!
Community Reviews
Displaying 1 of 1 review
September 6, 2018
Great practical goal-driven analysis of protocols from layer 2 to layer 7.
I highly recommend it as a starting point to Wireshark for people who are already briefly familiar with Wireshark and have at least basic knowledge of network protocols and the OSI model.
Although some protocols such as HTTP are explained in terms of what the response codes mean,
it's better learning experience if you know beforehand more about them before starting to debug their frames/packets.
Statistics are also included after the specific protocol's analysis, such as after TCP you can see I/O graphs and throughput .
The "Protocol hierarchy" statistic is a very good mention. It's a good first step when analyzing protocols without any prior knowledge on what they're based.
In my case I was debugging a gossip protocol that uses both TCP and UDP.
It was important to know when and why it switches to one or the other.
I highly recommend it as a starting point to Wireshark for people who are already briefly familiar with Wireshark and have at least basic knowledge of network protocols and the OSI model.
Although some protocols such as HTTP are explained in terms of what the response codes mean,
it's better learning experience if you know beforehand more about them before starting to debug their frames/packets.
Statistics are also included after the specific protocol's analysis, such as after TCP you can see I/O graphs and throughput .
The "Protocol hierarchy" statistic is a very good mention. It's a good first step when analyzing protocols without any prior knowledge on what they're based.
In my case I was debugging a gossip protocol that uses both TCP and UDP.
It was important to know when and why it switches to one or the other.
Displaying 1 of 1 review