The Wireshark Field Guide provides hackers, pen testers, and network administrators with practical guidance on capturing and interactively browsing computer network traffic. Wireshark is the world's foremost network protocol analyzer, with a rich feature set that includes deep inspection of hundreds of protocols, live capture, offline analysis and many other features.
The Wireshark Field Guide covers the installation, configuration and use of this powerful multi-platform tool. The book gives readers the hands-on skills to be more productive with Wireshark as they drill down into the information contained in real-time network traffic. Readers will learn the fundamentals of packet capture and inspection, the use of color codes and filters, deep analysis, including probes and taps, and much more.
The Wireshark Field Guide is an indispensable companion for network technicians, operators, and engineers.
Learn the fundamentals of using Wireshark in a concise field manual
Quickly create functional filters that will allow you to get to work quickly on solving problems
Understand the myriad of options and the deep functionality of Wireshark
Solve common network problems
Learn some advanced features, methods and helpful ways to work more quickly and efficiently
I usually don't start with this, but lately I had some time constraints that made me wonder if it is right to use so much time reading books. The Wireshark Field Guide: Analyzing and Troubleshooting Network Traffic by Robert J. Shimonski is only 149 pages long (if we cut the introduction, indexes, etc. it boils down to 128 pages). This is a really short book and I have really appreciated this fact. Wireshark is a very useful and powerful tool, but many people do not need to know everything about it. If you need to know everything about Wireshark, the best option is to download the source and read it, but this is not the case for 99.99% of the people interested in Wireshark. After this "quantitative" introduction, let's talk about quality. The book contains really high-quality content. It's rare to see so many concepts, so well explained in such a short text. The only thing that this book is really missing, imho, is SSL/TLS. These two acronyms are never mentioned in the book and this is not good, even if I do understand that SSL/TLS is too big and complex a topic to be present in such a small book.
I would suggest this book to anyone who is interested in understanding how to use Wireshark and to anyone who needs to use Wireshark and does not want to use too much time to learn it.
Disclaimer: I received a free electronic copy of this book as part of the O'Reilly Blogger Program.
Bottom Line: Yes, I would recommend this to a friend.