Question about Wireshark

in CCNA & CCENT
Hey all, I have a question about Wireshark: why are there so many commands in Wireshark?
Example for Ethernet: eth.addr eth.len eth.src
tcp.ack tcp.options.qs
ip.addr ip.fragment.overlap.conflict
r.becn fr.de
Maybe I need to ask you: what is the function of Wireshark?

Comments
-
chrisone Member Posts: 2,278 ■■■■■■■■■□
Amazon.com: Wireshark Network Analysis: The Official Wireshark Certified Network Analyst Study Guide (978189393999: Laura Chappell, Gerald Combs: Books
Packet Life
Honeynet Project Blog | The Honeynet Project
Certs: CISSP, EnCE, OSCP, CRTP, eCTHPv2, eCPPT, eCIR, LFCS, CEH, SPLK-1002, SC-200, SC-300, AZ-900, AZ-500, VHL:Advanced+
2023 Cert Goals: SC-100, eCPTX -
TheShadow Member Posts: 1,057 ■■■■■■□□□□
Well this is a little dated but still valid and free
Wireshark Tutorial and Podcast from Chris Sanders
If your link is fast enough for YouTube videos, watch this intro, also free from NoKentuckyU
YouTube - Introduction to Wireshark (Part 1 of 3)
Who knows what evil lurks in the heart of technology?... The Shadow DO -
Willaynto Member Posts: 15 ■□□□□□□□□□
Thanks man, but I don't understand what the links you gave me are.
Does that mean I must buy that product? Wireshark? -
seekrit Member Posts: 103
Hey all, I have a question about Wireshark: why are there so many commands in Wireshark?
Example for Ethernet: eth.addr eth.len eth.src
tcp.ack tcp.options.qs
ip.addr ip.fragment.overlap.conflict
r.becn fr.de
Maybe I need to ask you: what is the function of Wireshark?
Wireshark has the ability to capture a ******* zillion different types of traffic. So there are a zillion different filter options that allow it to focus on specific conditions.
Wireshark is not for the timid or the weak. The Official Study guide by Laura is pretty much the bible of packet capturing and the new book on campus for the new Wireshark Certification. If you're going to use it, you had better freshen up on your transport and networking layer traffic/protocol types. -
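Added example (not part of the original thread or any poster's code): a short Python sketch of why there are so many field names. Each name points at one value decoded from a packet, and a filter compares that value. The helper names `dissect` and `matches` and the sample frame are constructed for illustration; the field names are Wireshark's own.

```python
import struct

def mac(b):
    return ":".join(f"{x:02x}" for x in b)

def ipv4(b):
    return ".".join(str(x) for x in b)

def dissect(frame):
    """Map an Ethernet II / IPv4 / TCP frame to display-filter field names."""
    f = {}
    if len(frame) < 14:
        return f
    ethertype = struct.unpack("!H", frame[12:14])[0]
    f["eth.dst"] = {mac(frame[0:6])}
    f["eth.src"] = {mac(frame[6:12])}
    f["eth.addr"] = f["eth.dst"] | f["eth.src"]   # either address matches
    f["eth.type"] = {ethertype}
    if ethertype != 0x0800 or len(frame) < 34:    # not IPv4, or truncated
        return f
    ip = frame[14:]
    ihl = (ip[0] & 0x0F) * 4                      # IPv4 header length in bytes
    f["ip.proto"] = {ip[9]}
    f["ip.src"] = {ipv4(ip[12:16])}
    f["ip.dst"] = {ipv4(ip[16:20])}
    f["ip.addr"] = f["ip.src"] | f["ip.dst"]
    if ip[9] != 6 or len(ip) < ihl + 20:          # not TCP, or truncated
        return f
    sport, dport, _seq, ack = struct.unpack("!HHII", ip[ihl:ihl + 12])
    f["tcp.srcport"] = {sport}
    f["tcp.dstport"] = {dport}
    f["tcp.port"] = {sport, dport}
    f["tcp.ack"] = {ack}  # raw value; Wireshark shows relative numbers by default
    return f

def matches(fields, name, value):
    """Equivalent of the filter 'name == value': true if any occurrence matches."""
    return value in fields.get(name, set())

# Constructed sample frame (checksums left as zero, not verified here).
SAMPLE = bytes.fromhex(
    "001122334455" "66778899aabb" "0800"
    "45000028000140004006" "0000" "c0a8010a" "c0a80114"
    "c350" "0050" "00000001" "00000064" "5010" "ffff" "0000" "0000"
)

if __name__ == "__main__":
    for name, values in dissect(SAMPLE).items():
        print(name, sorted(values, key=str))
```
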
ibcritn Member Posts: 340
Wireshark is a GUI-based protocol analyzer which I really love, but sadly it has so many vulnerabilities all the time...
So the protocol analyzer of choice is TCPdump, or Windump for me
CISSP | GCIH | CEH | CNDA | LPT | ECSA | CCENT | MCTS | A+ | Net+ | Sec+
Next Up: Linux+/RHCSA, GCIA -
alan2308 Member Posts: 1,854 ■■■■■■■■□□
Thanks man, but I don't understand what the links you gave me are.
Does that mean I must buy that product? Wireshark?
No, you do not have to pay for Wireshark. It's freely available from the website. It runs on Windows, Mac, Linux. -
Bl8ckr0uter Inactive Imported Users Posts: 5,031 ■■■■■■■■□□
Thanks man, but I don't understand what the links you gave me are.
Does that mean I must buy that product? Wireshark?
Maybe you mean the shark appliance... -
Willaynto Member Posts: 15 ■□□□□□□□□□
Hmm, thanks guys, I know Wireshark now. Yes, it is like tcpdump, like a display filter for any command in a router.