Using Wireshark Command Line Tools
Certain tasks are always faster and more flexible at the command line, while some can only be performed there. Wireshark is no different. You will learn how to use Wireshark command line tools such as tshark, dumpcap, editcap, and mergecap.
Packets are often referred to as the ultimate source of computer network truth. Security Engineers need them to examine and manage security threats or breaches quickly. Network Engineers demand them to get to the root cause of an issue before the user experience is affected. Software Engineers require them to measure response times across variable speed networks to adjust timers within the code. In this course, Using Wireshark Command Line Tools, you’ll learn to use tshark, dumpcap, editcap, and mergecap to capture, filter, convert and analyze the packets flying across the network. First, you’ll explore configuring a Windows machine to have Wireshark CLI tools in its PATH statement, determining which tool is best to capture packets in a given scenario, differentiating between capture and display filters, and working through examples using filter syntax. Next, you’ll combine hundreds of pcap files into a single file and extract only the packets necessary to respond to a trouble ticket or log event. Finally, you’ll learn how to analyze the packets using statistics, including how to locate the top TCP conversation or IPv4 talker and how to identify network congestion or a security threat. When you’re finished with this course, you’ll have the skills and knowledge of Wireshark Command Line tools needed to capture and filter packets, and also convert and analyze packet capture files (pcaps).
Author Name: Betty DuBois
Author Description:
Betty DuBois is the Chief Detective for Packet Detectives, a network performance consulting and training firm based in Atlanta, GA. She has been solving mysteries since 1997. Experienced with a range of hardware and software packet capture solutions, she captures the right data, in the right place, and at the right time to find the real culprit. Betty shares her passion for packets as a presenter each year at SharkFest, the Wireshark Developer and User Conference, and is active in the Wireshark c…
Table of Contents
- Course Overview (1min)
- Capturing Packets Using Dumpcap and Tshark (29mins)
- Filtering Packets Using Dumpcap, Tshark, and Editcap (46mins)
- Managing Pcaps Using Editcap and Mergecap (19mins)
- Analyzing Pcaps Using Tshark (14mins)