Ebook: Wireshark for Security Professionals: Using Wireshark and the Metasploit Framework

Cover -- Title Page -- Copyright -- About the Authors -- About the Technical Editor -- Acknowledgments -- Credits -- Contents -- Introduction -- Overview of the Book and Technology -- How This Book Is Organized -- Who Should Read This Book -- Tools You Will Need -- What's on the Website -- Summary -- Chapter 1: Introducing Wireshark -- What Is Wireshark? -- A Best Time to Use Wireshark? -- Avoiding Being Overwhelmed -- The Wireshark User Interface -- Packet List Pane -- Packet Details Pane -- Packet Bytes Pane -- Filters -- Capture Filters -- Display Filters -- Summary -- Exercises -- Chapter 2: Setting Up the Lab -- Kali Linux -- Virtualization -- Basic Terminology and Concepts -- Benefits of Virtualization -- VirtualBox -- Installing VirtualBox -- Installing the VirtualBox Extension Pack -- Creating a Kali Linux Virtual Machine -- Installing Kali Linux -- The W4SP Lab -- Requirements -- A Few Words about Docker -- What Is GitHub? -- Creating the Lab User -- Installing the W4SP Lab on the Kali Virtual Machine -- Setting Up the W4SP Lab -- The Lab Network -- Summary -- Exercises -- Chapter 3: The Fundamentals -- Networking -- OSI Layers -- Networking between Virtual Machines -- Security -- The Security Triad -- Intrusion Detection and Prevention Systems -- False Positives and False Negatives -- Malware -- Spoofing and Poisoning -- Packet and Protocol Analysis -- A Protocol Analysis Story -- Ports and Protocols -- Summary -- Exercises -- Chapter 4: Capturing Packets -- Sniffing -- Promiscuous Mode -- Starting the First Capture -- TShark -- Dealing with the Network -- Local Machine -- Sniffing Localhost -- Sniffing on Virtual Machine Interfaces -- Sniffing with Hubs -- SPAN Ports -- Network Taps -- Transparent Linux Bridges -- Wireless Networks -- Loading and Saving Capture Files -- File Formats -- Ring Buffers and Multiple Files.