It's easy to capture packets with Wireshark, the world's most popular network sniffer, whether off the wire or from the air. But how do you use those packets to understand what's happening on your network?
With an expanded discussion of network protocols and 45 completely new scenarios, this extensively revised second edition of the best-selling Practical Packet Analysis will teach you how to make sense of your PCAP data. You'll find new sections on troubleshooting slow networks and packet analysis for security to help you better understand how modern exploits and malware behave at the packet level. Add to this a thorough introduction to the TCP/IP network stack and you're on your way to packet analysis proficiency.
Learn how to:
Use packet analysis to identify and resolve common network problems like loss of connectivity, DNS issues, sluggish speeds, and malware infections
Build customized capture and display filters
Monitor your network in real time and tap live network communications
Graph traffic patterns to visualize the data flowing across your network
Use advanced Wireshark features to understand confusing captures
Build statistics and reports to help you better explain technical network information to non-techies
Practical Packet Analysis is a must for any network technician, administrator, or engineer. Stop guessing and start troubleshooting the problems on your network.
Chapter 1 Packet Analysis and Network Basics
Packet Analysis and Packet Sniffers
How Computers Communicate
Traffic Classifications
Final Thoughts
Chapter 2 Tapping into the Wire
Living Promiscuously
Sniffing Around Hubs
Sniffing in a Switched Environment
Sniffing in a Routed Environment
Sniffer Placement in Practice
Chapter 3 Introduction to Wireshark
A Brief History of Wireshark
The Benefits of Wireshark
Installing Wireshark
Wireshark Fundamentals
Chapter 4 Working with Captured Packets
Working with Capture Files
Working with Packets
Setting Time Display Formats and References
Setting Capture Options
Using Filters
Chapter 5 Advanced Wireshark Features
Network Endpoints and Conversations
Protocol Hierarchy Statistics
Name Resolution
Protocol Dissection
Following TCP Streams
Packet Lengths
Graphing
Expert Information
Chapter 6 Common Lower-Layer Protocols
Address Resolution Protocol
Internet Protocol
Transmission Control Protocol
User Datagram Protocol
Internet Control Message Protocol
Chapter 7 Common Upper-Layer Protocols
Dynamic Host Configuration Protocol
Domain Name System
Hypertext Transfer Protocol
Final Thoughts
Chapter 8 Basic Real-World Scenarios
Social Networking at the Packet Level
Capturing ESPN.com Traffic
Real-World Problems
Final Thoughts
Chapter 9 Fighting a Slow Network
TCP Error-Recovery Features
TCP Flow Control
Learning from TCP Error-Control and Flow-Control Packets
Locating the Source of High Latency
Network Baselining
Final Thoughts
Chapter 10 Packet Analysis for Security
Reconnaissance
Exploitation
Final Thoughts
Chapter 11 Wireless Packet Analysis
Physical Considerations
Wireless Card Modes
Sniffing Wirelessly in Windows
Sniffing Wirelessly in Linux
802.11 Packet Structure
Adding Wireless-Specific Columns to the Packet List Pane
Chris Sanders is a computer security consultant, author, and researcher. A SANS Mentor who holds several industry certifications, including CISSP, GCIA, GCIH, and GREM, he writes regularly for WindowSecurity.com and his blog, ChrisSanders.org. Sanders uses Wireshark daily for packet analysis. He lives in Charleston, South Carolina, where he works as a government defense contractor.
Comments about No Starch Press Practical Packet Analysis:
Practical Packet Analysis is related, in fact, to a single product – Wireshark. Chris mentions other tools as well (in an appendix), but he mostly focuses on this particular tool. Wireshark allows you to analyze what's going on within the wires of your network. Listening to the wire is not as easy as you may think at first. First of all, it's good to know the terminology. Chris provides you with the exact knowledge you need. You will learn just enough to get started and will be told what the differences between switches, routers, hubs, and taps are. You will also learn what ARP and OSI mean, as well as many other abbreviations. What I especially liked within the theory-related section was some sort of analysis of when to focus on a particular device for sniffing and how to utilize it to its full extent. One remark here. For people totally fresh in network terminology I'd suggest something additional and better (more easily) explained. I think that in some places the book might be hard to follow, especially when Chris discusses topics like packet components, uses computer-related arithmetic, and does not explain some topics in much detail. In fact, I'd suggest this book to intermediate readers who already know something about computers and networks.
What do I think about this book? It is good for people who are familiar with computer science but haven't worked with networks so far. Why? It simply requires some level of knowledge related to networking and to data processing. On the other hand, it is based on a well-known, easily accessible, GUI-based application. This way, you can follow it quite easily, even though you are not perfectly familiar with all the network-based concepts. I'd suggest this book as a starter for people who are thinking about working with packet analysis.
I particularly liked what Chris says at the beginning of the 4th chapter: "As you perform packet analysis, you will find that a good portion of the analysis you do will happen after your capture." This is certainly true. And this sentence tells us a very important thing. Good network analysis is not only based on listening to the wire. In fact, it is based on deduction. It's like a detective's work.
7/23/2011, rated 5.0: "Best book on Packets" by sandyboy55 from St. Louis, MO (Developer).
Pros: Accurate, Concise, Easy to understand, Helpful examples, Well-written.
Best uses: Expert, Intermediate, Novice, Student.
Unlike other books on networking that I have read, this book assumes nothing about the reader. Any general IT professional should be able to pick this book up and pick up the concepts right away. The author starts with very basic concepts and builds slowly and steadily over the subsequent chapters. I learned how to sniff packets and analyze them which has become my new favorite hobby. Chapters 1 and 2 start with basic networking concepts, protocols, layouts, etc. Chapter 3 explains how to get started with Wireshark, the tool of choice for this book. Chapter 4 explains how to analyze the packets that were captured. Chapter 5 delves deeper into advanced Wireshark features. The rest of the book goes deeper into explaining lower and upper level protocols, real-world scenarios, slow networks, and security.
Recently I had a crisis at work. A group of hackers had attacked the corporate network and as a result everything was shut down for security reasons. As the network was gradually opened up for business, our business partners were not able to call some of our web services. That was a puzzling thing, as other web services were reachable. As a lead for the application development team I had no idea how to debug this except to set up a SWAT team meeting with the infrastructure and networking team. I was the weakest link in the room, as I had no idea what the terms and terminologies meant. Needless to say, I was embarrassed. The one thing that was spoken about frequently in those meetings was Wireshark. I couldn't find a good book on Wireshark at that time, so the moment this book came out, I decided to review it. I am really impressed by this book. Not that I am waiting for a crisis at work, but the next time I would definitely be well prepared thanks to this book.