Wireshark-users: Re: [Wireshark-users] Beginner

From: "Laura Chappell" <lchappell@xxxxxxxxxxxxxxxx>
Date: Thu, 12 Jul 2007 21:33:57 -0700

In addition, you can download the ISO image of the Laura’s Lab Kit v8 from www.novell.com/connectionmagazine/laurachappell.html - there are training resources on the DVD.  In addition, at that same URL I have recorded monthly articles on network troubleshooting, network forensics and reconnaissance. Free to all.

 

I agree with the need to understand the protocols! I co-authored “Guide to TCP/IP” with Ed Tittel – not sure where it is sold – it’s used as a college textbook – check Amazon I guess.

 

Laura Chappell

Founder, Wireshark University

Sr. Protocol/Security Analyst, Protocol Analysis Institute

 

From: wireshark-users-bounces@xxxxxxxxxxxxx [mailto:wireshark-users-bounces@xxxxxxxxxxxxx] On Behalf Of zuoheng
Sent: Thursday, July 12, 2007 7:25 PM
To: Community support list for Wireshark
Subject: Re: [Wireshark-users] Beginner

 

I am new to Wireshark too. But I would share some experience with you.

First, before you use Wireshark to analyze network traffic, you need to have some knowledge of TCP/IP fundamentals. ARP packets, DNS query packets, IP source address, IP destination address, TCP port number, and UDP port number are quite basic concepts of the TCP/IP stack.

"Interworking with TCP/IP" Volume 1 or "Illustration TCP/IP" Volume 1 are two good books to read.

Second, you may move on to specific applications, such as HTTP, email, NFS, and CIFS. These are upper-layer protocols based on TCP/IP. One of Wireshark's strong points is that it provides so many dissectors to decode protocols. Though Wireshark is a good tool to capture and decode network traffic, and even gives an analysis, you'd better know the protocol on your own and then utilize Wireshark.

www.wiresharktraining.com has a free section of video courses and some tech notes; you may find it useful.

http://www.wiresharktraining.com/files/msteched_traces.zip
http://www.wiresharktraining.com/files/2007_microsoft_chappell.zip


my 2 cents.

/zuoheng

On 7/13/07, Kenta Kentson <kenta_08@xxxxxxxxxxx> wrote:

Hi,

I'm new to this with Wireshark, but I'm trying to learn.
And my question is, what is the best way to learn? I've been googling a lot but so far I haven't found a good tutorial.
So I have been trying a bit for myself, tried to pick up a password as I logged in to my mail for example, but have no idea where to look for it because there are like 200 files :P

thx in advance// kenta :P

