Wireshark for Network Forensics: An Essential Guide for It and Cloud Professionals (Paperback)

Chapter 1: Wireshark Primer

·         Introduction to Wireshark Architecture

·         Wireshark Package installation and Usage

·         Wireshark Cloud Services

·         Version and feature parity

·         Basic Analysis and filtering

·         Data stream and Graphs

·         Summary

 Chapter 2: Packet Capture and Analysis

§  Native Tool based Traffic Capture

§  Wireshark tool based Traffic Capture

§  Wireless Capture Modes and Configurations

·         High volume packet analysis (size based, capture filters)

·         Wireshark command line tool

·         Mobile devices Traffic Capture

 Chapter 3: Capturing Secured Application for Analysis

·         Introduction to Secured Applications

·         Secure DNS

·         mTLS

·         IPsec, ISAKMP, Kerberos

·         SNMPv3

·         WEP, and WPA/WPA2/WPA3

Chapter4: Wireless Packet Capture and Analysis

·         Basics of Wireless Technology

·         Wireless packet types (data, control, auth)

·         Effect of Wireshark modes (monitor, promiscuous) on wireless capture 

·         Setting up Wireshark 802.11 captures for various OS types

·         Decoding beacons/WEP/WPA/WPA2

·         Wireless packet analysis

Chapter 5: Multimedia Capture and Analysis

·         Introduction to Multimedia Applications

·         Export Objects (file, images applications) from data stream

·         video content extraction and replay (RTP / RTSP)

·         mpeg live streams capture and replay

·         VoIP call analysis and replay

Chapter 6: Cloud and Cloud-Native Traffic Capture

·         Introduction and Cloud and Cloud Native Applications

·         Native and Wireshark Captures in AWS

·         Native and Wireshark Captures in GCP

·         Native and Wireshark Captures in Azure

·         LXC and Namespace based capture

·         Kubernetes POD capture

·         Introduction to Bluetooth and Usecase

·         HCIDump captures

·         Bluetooth protocol analysis

Chapter 8: Wireshark Analysis and Network Forensic

·         Networking protocol operation analysis

·         Analyzing network throughput issues, performance degradations

·         Network security attack identification , post mortems, prevention

·         Discovering malwares, covert communications

·         Packet replays

Chapter 9: Writing your own dissector

·         Wireshark Dissectors

·         Use Case Example