Hot on the heels of my NetCat Mind Map I am happy to bring you my Wireshark Mind Map.
Wireshark is advertised as the world's foremost network analyzer. It is open source software and is therefore free to download and use.
Wireshark used to be called Ethereal, and it is a tool I have been using for a number of years.
Sometimes, when troubleshooting, the ability to capture packets from the network and analyze what is going on is the only way to truly get to the bottom of an issue. There have been so many times when I have fired up Wireshark and fixed a network issue in a matter of minutes.
This really is a tool that you MUST learn how to use if you are involved in any network, security, or sysadmin role. The capture and display filters can be tricky to learn, so persevere until you can get the tool to do what you want it to.
Take a look at the Mind Map; I also suggest you download Wireshark and try it out on your own network.
I am already working on some more Mind Maps and they will be published soon.
Nice mind map, quite useful, thanks for doing these!
Glad you liked the Mind Map. Let me know if there are any others you would like to see.
Pingback: Week 1 in Review – 2010 | Infosec Events
A nice mind map indeed. It also works as a good cheat sheet for managing Wireshark filters, which in some cases turn into a Hydra (a mythological many-headed serpent).
Wireshark has been an excellent tool for getting to the bottom of problems. With complex networks you can rarely rely on documentation and logs when troubleshooting; you need to look at what is actually going on in the network traffic.
One thing we had trouble with, back in the days at the OUSPG research group, was that, because many systems depend on services all over the network, we needed captures from several points in the network to get to the bottom of things. Combining pcaps and filtering out background noise was laborious. We ended up with situations like these:
https://www.clarifiednetworks.com/Traditional Analysis
Thus we developed a nice graphical UI which can be used to find the needle in the haystack, and then, when we needed the details, we could export the actual packets to Wireshark. It turned out to be something that a lot of people wanted, so we spun off a company to develop the tool further:
https://www.clarifiednetworks.com/Clarified Analyzer
If you share these thoughts, check whether our Analyzer is useful for you.