Practical Packet Analysis, 3rd Edition: Using Wireshark to Solve Real-World Network Problems

3rd Edition

Price: $31.50
Format: Paperback
Pages: 368
Publisher: No Starch Press
Publication Date:
ISBN-13: 978-1593278021
Dimensions: 7 x 0.91 x 9.25 inches
Weight: 1.37 pounds

Description

"A wealth of information. Smart, yet very readable, and honestly made me excited to read about packet analysis." --TechRepublic

"I'd recommend this book to junior network analysts, software developers, and the newly minted CSE/CISSP/etc.--folks that just need to roll up their sleeves and get started troubleshooting network (and security) problems." --Gunter Ollmann, former Chief Technical Officer of IOActive

"The next time I investigate a slow network, I'll turn to Practical Packet Analysis. And that's perhaps the best praise I can offer on any technical book." --Michael W. Lucas, author of Absolute FreeBSD and Network Flow Analysis

"An essential book if you are responsible for network administration on any level." --Linux Pro Magazine

"A wonderful, simple-to-use, and well-laid-out guide." --ArsGeek.com

"If you need to get the basics of packet analysis down pat, this is a very good place to start." --StateofSecurity.com

"Very informative and held up to the key word in its title, practical. It does a great job of giving readers what they need to know to do packet analysis and then jumps right in with vivid real-life examples of what to do with Wireshark." --LinuxSecurity.com

"Are there unknown hosts chatting away with each other? Is my machine talking to strangers? You need a packet sniffer to really find the answers to these questions. Wireshark is one of the best tools to do this job, and this book is one of the best ways to learn about that tool." --Free Software Magazine

"Perfect for the beginner to intermediate." --Daemon News

Chris Sanders is a computer security consultant, researcher, and educator. He is the author of Applied Network Security Monitoring and blogs regularly at ChrisSanders.org. Chris uses packet analysis daily to catch bad guys and find evil.

Features & Highlights

It’s easy to capture packets with Wireshark, the world’s most popular network sniffer, whether off the wire or from the air. But how do you use those packets to understand what’s happening on your network?

Updated to cover Wireshark 2.x, the third edition of Practical Packet Analysis will teach you to make sense of your packet captures so that you can better troubleshoot network problems. You’ll find added coverage of IPv6 and SMTP, a new chapter on the powerful command line packet analyzers tcpdump and TShark, and an appendix on how to read and reference packet values using a packet map.

Practical Packet Analysis will show you how to:

  • Monitor your network in real time and tap live network communications
  • Build customized capture and display filters
  • Use packet analysis to troubleshoot and resolve common network problems, like loss of connectivity, DNS issues, and slow speeds
  • Explore modern exploits and malware at the packet level
  • Extract files sent across a network from packet captures
  • Graph traffic patterns to visualize the data flowing across your network
  • Use advanced Wireshark features to understand confusing captures
  • Build statistics and reports to help you better explain technical network information to non-techies

No matter what your level of experience is, Practical Packet Analysis will show you how to use Wireshark to make sense of any network and get things done.

Customer Reviews

Rating Breakdown

★★★★★ 60% (164)
★★★★ 25% (68)
★★★ 15% (41)
★★ 7% (19)
-7% (-19)

Most Helpful Reviews

✓ Verified Purchase

Great book to add to the toolbox

Had to troubleshoot a slow WLAN/LAN. Telnet sessions from wireless clients to an AS400 were excruciatingly slow for the users. Needless to say, chapter 10 of this book was on the money. TCP retransmissions from both the wireless clients and two different servers show the problem to be near the WLAN controller and/or Cisco WAN appliance. Great book to add to the toolbox.
22 people found this helpful
✓ Verified Purchase

It's a good start for novice level

I think this is a good book for a beginner or novice who would really benefit from examining some common use cases for traffic analysis. I feel the use cases, however, are pretty simple and straightforward and would not benefit a person who already has a year-plus of analysis under their belt. Don't expect this book to elaborate on the protocol specifications for the protocols in the use cases. So if you are looking at a DNS example, understand how DNS works (via the RFC) before expecting to be able to hit the ground running diagnosing DNS problems.
21 people found this helpful
✓ Verified Purchase

Easy to follow along

This book is easy to follow along because the packet captures can be downloaded for free and viewed in Wireshark. This makes the book interactive as the reader can take closer looks at the packet captures referenced. A great resource for learning not just Wireshark but also basics of networking and cyber security.
10 people found this helpful
✓ Verified Purchase

Great book

Fun to follow along using the pcapng captures. If you have a basic knowledge of networking, it’s easy to follow along and learn more.
4 people found this helpful
✓ Verified Purchase

No regrets, must have reference

I've banged around with Wireshark for a while but never really dug into it deeply (or packet analysis). Enjoying this book tremendously. Clear, concise, and not dry tech writing; it's taught me how to ratchet up my skill set while enjoying the journey. This book will remain on my desk as a reference for the technology and the tool.
4 people found this helpful
✓ Verified Purchase

Very good guide for packet interpretation!

Not only well written but the author goes into understandable detail about the "how's and why's" of the filters used and how to eventually get what you need out of the packets on virtually any OS.

Of all the tools available Wireshark is perhaps one of the best and multi-platform. Until you start to understand it, it's one gigantic maze but as you go through step by step and put it all together the puzzle will in the end come together for you. And you will have your "aha" moments too.

The structure of the book is very well laid out but you will need to have a fairly decent understanding of TCP/IP to really grasp the concept of what you'll be working with. I'd start there first and THEN work your way into understanding Wireshark afterwards.
3 people found this helpful
✓ Verified Purchase

Not trustworthy

With spelling mistakes, how can you trust the content!
3 people found this helpful
✓ Verified Purchase

Great Hands-on Learning for Packet Analysis!

Great practical teaching and practice for getting more proficient with Wireshark!
3 people found this helpful
✓ Verified Purchase

Practical, Thorough and Enjoyable Reading

The third edition of Chris Sanders's book Practical Packet Analysis is an expansion and update from previous versions of the book. If you have either of the other editions and enjoyed them, you will probably want to pick up a copy of the latest version.

For those of you unfamiliar with previous editions, Practical Packet Analysis is basically broken into two different parts. The first part of the book covers networking basics from the ground up, for those of you who may be newbies to networking. The second part of the book concentrates on teaching about packet sniffing by example. The author lays out a number of different situations under which you may want to dissect and analyze traffic on your network and gives you step-by-step instructions on how to accomplish it using different software tools, mainly Wireshark.

Through a series of different scenarios, the reader should be able to confidently learn how to use packet inspection tools to troubleshoot network problems and get to the bottom of many connectivity problems. The book is written in a very thorough but laid-back style that doesn't throw a bunch of networking jargon at the reader without explaining what the phrases mean and how they are used in practical terms. It's also useful as a reference book, as it contains a number of tables, charts, diagrams and obscure line commands that you might need to look up in some cases.

No Starch Press has a pretty good track record of publishing highly informative books that are simple to understand and enjoyable to read. This book definitely has all of those qualities.
3 people found this helpful
✓ Verified Purchase

Five Stars

Enjoyable reading.
3 people found this helpful