About the Sample Capture Files
1. PACKET ANALYSIS AND NETWORK BASICS
Packet Analysis and Packet Sniffers
Sniffing in a Switched Environment
Sniffing in a Routed Environment
4. WORKING WITH CAPTURED PACKETS
Saving and Exporting Capture Files
Setting Time Display Formats and References
Adding Display Filters to a Toolbar
Endpoints and Network Conversations
Identifying Top Talkers with Endpoints and Conversations
Potential Drawbacks to Name Resolution
Manually Initiated Name Resolution
6. PACKET ANALYSIS ON THE COMMAND LINE
Time Display Formats in TShark
Address Resolution Protocol (ARP)
Internet Protocol Version 4 (IPv4)
Internet Protocol Version 6 (IPv6)
Internet Control Message Protocol (ICMP)
Transmission Control Protocol (TCP)
Dynamic Host Configuration Protocol (DHCP)
The DHCP Initialization Process
DHCP Options and Message Types
Hypertext Transfer Protocol (HTTP)
Simple Mail Transfer Protocol (SMTP)
Gateway Configuration Problems
TCP Duplicate Acknowledgments and Fast Retransmissions
Halting Data Flow with a Zero Window Notification
The TCP Sliding Window in Practice
Learning from TCP Error-Control and Flow-Control Packets
Locating the Source of High Latency
Slow Communications: Wire Latency
Slow Communications: Client Latency
Slow Communications: Server Latency
12. PACKET ANALYSIS FOR SECURITY
Operating System Fingerprinting
Sniffing One Channel at a Time
Detecting and Analyzing Signal Interference
Sniffing Wirelessly in Windows
Capturing Traffic with AirPcap
Adding Wireless-Specific Columns to the Packet List Pane
Filtering Traffic for a Specific BSS ID
Filtering Specific Wireless Packet Types
Filtering a Specific Frequency
Practical Packet Analysis Online Course
SANS’s Security Intrusion Detection In-Depth Course
Brad Duncan’s Malware Traffic Analysis