It's easy enough to install Wireshark and begin capturing packets off the wire--or from the air. But how do you interpret those packets once you've captured them? And how can those packets help you to better understand what's going on under the hood of your network? Practical Packet Analysis shows how to use Wireshark to capture and then analyze packets as you take an in-depth look at real-world packet analysis and network troubleshooting, the way the pros do it.
Wireshark (derived from the Ethereal project) has become the world's most popular network sniffing application. But while Wireshark comes with documentation, there's not a whole lot of information to show you how to use it in real-world scenarios. Practical Packet Analysis shows you how to:
Use packet analysis to tackle common network problems, such as loss of connectivity, slow networks, malware infections, and more
Build customized capture and display filters
Tap into live network communication
Graph traffic patterns to visualize the data flowing across your network
Use advanced Wireshark features to understand confusing packets
Build statistics and reports to help you better explain technical network information to non-technical users
Because net-centric computing requires a deep understanding of network communication at the packet level, Practical Packet Analysis is a must-have for any network technician, administrator, or engineer troubleshooting network problems of any kind.
Chris is currently employed as the Network Administrator for one of the largest public school districts in the Commonwealth of Kentucky. He works daily with various technologies and has expertise in Windows 2003 Server, Active Directory, Group Policy, Microsoft Virtual Server, wireless network administration, and network security. He is an admin tip writer for WindowsNetworking.com, which is owned by the TechGenix network and sees 615,000+ unique visitors daily. He also maintains a personal blog at http://www.chrissanders.org, which is updated often regarding his aforementioned areas of expertise. He currently holds the status of being an A+ Certified Professional, a Microsoft Certified Professional, and a Certified Wireless Network Administrator.
Chris Sanders is currently the network administrator for a public school district in Kentucky. A Microsoft Certified Professional and Certified Wireless Network Administrator, he writes for WindowsNetwork.com and WindowsDevCenter.com and maintains a blog at chrissanders.org. He is the author of Saving Money and Time with Virtual Server (O'Reilly Short Cut).
Practical Packet Analysis is intended to be an introductory text on packet analysis using Wireshark and does fairly well at this task. A couple favorites include a chapter covering various attacks, including coverage of the Blaster worm, and a chapter on analysis of wireless networks. Overall, a good introductory text. On the negative side, and the reason for the lower rating, are several typos and technical errors. This could lead to a great deal of confusion for a reader truly new to the topic. With a little cleanup for the second edition, this could be a great book.