How to use a packet sniffer? (Wireshark)

So I've read you can do a lot with a packet sniffer. I am not looking to do anything illegal, but I do want to know how I 'analyze' the files, see if there is anything wrong, but also know what types of files show what.

Let's say I want to know if my DNS is being poisoned; I want to know what I should check, obviously. And what if I want to know if there are unencrypted data packets being sent? I'm curious about that.

I am not sure if I'm allowed to discuss this, since if it's used in a bad way it is illegal, but my intent is to learn.

Edit:

I'm seeing packets that say extra things like TCP Spurious Retransmission, TCP Dup ACK, and a lot of weird names like the ACK and RST and Handshake / protected payload / Notify Application data, etc. etc.

How do those things work?

submitted by /u/Beat_The_Box_

from hacking: security in practice https://ift.tt/m9StaEU
