Description

Ethereal is the #2 most popular open source security tool used by system administrators and security professionals. This all new book builds on the success of Syngress’ best-selling book Ethereal Packet Sniffing. This book provides complete information and step-by-step Instructions for analyzing protocols and network traffic on Windows, Unix or Mac OS X networks. First, readers will learn about the types of sniffers available today and see the benefits of using Ethereal. Readers will then learn to install Ethereal in multiple environments including Windows, Unix and Mac OS X as well as building Ethereal from source and will also be guided through Ethereal’s graphical user interface. The following sections will teach readers to use command-line options of Ethereal as well as using Tethereal to capture live packets from the wire or to read saved capture files. This section also details how to import and export files between Ethereal and WinDump, Snort, Snoop, Microsoft Network Monitor, and EtherPeek. The book then teaches the reader to master advanced tasks such as creating sub-trees, displaying bitfields in a graphical view, tracking requests and reply packet pairs as well as exclusive coverage of MATE, Ethereal’s brand new configurable upper level analysis engine. The final section to the book teaches readers to enable Ethereal to read new Data sources, program their own protocol dissectors, and to create and customize Ethereal reports.

Key Features

Ethereal is the #2 most popular open source security tool, according to a recent study conducted by insecure.org Syngress' first Ethereal book has consistently been one of the best selling security books for the past 2 years The companion Web site for the book provides readers with dozens of open source security tools and working scripts

Readership

Security professionals

Table of Contents

1: Introducing Network Analysis 2:Introducing Ethereal: Network Protocol Analyzer 3:Getting and Installing Ethereal 4. Building Ethereal from Source 4:Running Ethereal 5:Understanding Filters 6:Mastering Tethereal 7. Master MATE: The Configurable Upper Level Analysis Engine 8:Integrating Ethereal with Other Sniffers 9: Dissecting Real World Packet Captures 10: Coding for Ethereal 11: Capture File Formats 12: Protocol Dissectors 13: Reporting from Ethereal Appendix – Supported Protocols

Details

No. of pages:
448
Language:
English
Copyright:
© 2006
Published:
Imprint:
Syngress
eBook ISBN:
9780080506012
Print ISBN:
9781597490733

About the authors

Angela Orebaugh

Angela Orebaugh (, GCIA, GCFW, GCIH, GSEC, CCNA) is a Senior Scientist in the Advanced Technology Research Center of Sytex, Inc. where she works with a specialized team to advance the state of the art in information systems security. She has over 10 years experience in information technology, with a focus on perimeter defense, secure network design, vulnerability discovery, penetration testing, and intrusion detection systems. She has a Masters in Computer Science, and is currently pursuing her Ph.D. with a concentration in Information Security at George Mason University.

Affiliations and Expertise

Washington, D.C. Senior Scientist in the Advanced Technology Research Center, Sytex, Inc., Washington, DC, USA

Gilbert Ramirez

Affiliations and Expertise

Author, Snort 2.1 Intrusion Detection

Jay Beale

Affiliations and Expertise

Series Editor of the Jay Beale Open Source Security Series, lead developer of the Bastille project, Seattle, WA