Tuesday, June 1, 2010

Capture files via SMB with Wireshark!

Taddong Security blog: new plug-in for Wireshark

I'm going to have to try this on my home network.  Wireshark is one of the great tools that you can never spend too much time in.  There's tons of options and capabilities, now just to figure out how and when to use them all.  I have heard from reputable sources (former coworkers that I'd be happy to have a beer with), that the book on the left is the one to get if you really want to understand how to use Wireshark.  I may be visiting Amazon soon... :-)



  1. Being one of those esteemed colleagues...the one that actually has the book...it is a really good read. It has a lot of network troubleshooting stuff, but there is a good amount of security centric things that can be done with Wireshark in there.

    Stuff like Chapt 30: Network Forensics, Chapt 32 Analyze Suspect Traffic, and Chapter 33 - Effective Use of Command-Line tools. All of the chapters have a little "practice what you learned" exercise and review questions. There are also Case Studies throughout the book for examples of the usage in the real world.

    I'd highly recommend it.

  2. Excellent. I'll have to pick up a copy when I'm done reading these other books...or if I have an immediate need. Maybe work will buy me one. :-)