[HACK]IN(SIGHT) - VOL 1 NO.17
Wireshark is software that "understands" the structure of different networking protocols. It can parse and display the fields, along with their meanings as specified by different networking protocols. Wireshark uses pcap to capture packets, so it can only capture packets on the types of networks that pcap supports.
Our authors prepared 6 well-written articles concerning advanced usage of Wireshark. You will read about:
- DDoS attack detection and more intelligent traffic analysis.
- Using Wireshark to capture remote traffic.
- Creating firewall ACL rules on the fly.
- VoIP playback.
- Hunting for malware using Wireshark.
- Turning Wireshark into an intrusion detection tool (profiles and coloring rules).
- Strategy for efficient use of Wireshark.
- Areas for further research and study.
This publication is available in the Hack Insight annual subscription.