Practical Packet Analysis, 2nd Edition
Using Wireshark to Solve Real-World Network Problems
Publisher: No Starch Press
Released: June 2011
Pages: 280

It's easy to capture packets with Wireshark, the world's most popular network sniffer, whether off the wire or from the air. But how do you use those packets to understand what's happening on your network?

With an expanded discussion of network protocols and 45 completely new scenarios, this extensively revised second edition of the best-selling Practical Packet Analysis will teach you how to make sense of your PCAP data. You'll find new sections on troubleshooting slow networks and packet analysis for security to help you better understand how modern exploits and malware behave at the packet level. Add to this a thorough introduction to the TCP/IP network stack and you're on your way to packet analysis proficiency.

Learn how to:

  • Use packet analysis to identify and resolve common network problems like loss of connectivity, DNS issues, sluggish speeds, and malware infections
  • Build customized capture and display filters
  • Monitor your network in real-time and tap live network communications
  • Graph traffic patterns to visualize the data flowing across your network
  • Use advanced Wireshark features to understand confusing captures
  • Build statistics and reports to help you better explain technical network information to non-techies

Practical Packet Analysis is a must for any network technician, administrator, or engineer. Stop guessing and start troubleshooting the problems on your network.

Customer Reviews

4.3

(based on 3 reviews)

Ratings Distribution

  • 5 Stars (2)
  • 4 Stars (0)
  • 3 Stars (1)
  • 2 Stars (0)
  • 1 Stars (0)

 
5.0

Good straightforward book.

By sysengineer

from Nashville, TN

About Me Sys Admin

Verified Reviewer

Pros

  • Concise
  • Easy to understand
  • Helpful examples

Cons

    Best Uses

    • Novice
    • Student

    Comments about No Starch Press Practical Packet Analysis, 2nd Edition:

    This is a very good basic book about packet analysis. It is in straightforward language and uses good examples to expand upon and explain the concepts it presents. I would recommend this book for anyone who wishes to learn more about packet analysis, especially if you intend to use Wireshark as your packet analyser.

     
    3.0

    quite good introduction into the topic

    By Michal Konrad Owsiak

    from Poland

    About Me Designer, Developer

    Verified Reviewer

    Pros

    • Accurate

    Cons

    • Difficult to understand

    Best Uses

    • Intermediate

    Comments about No Starch Press Practical Packet Analysis, 2nd Edition:

    Practical packet analysis is related, in fact, to a single product – Wireshark. Chris mentions other tools as well (in an Appendix), but he mostly focuses on this particular tool. Wireshark allows you to analyze what's going on within the wires of your network. Listening to the wire is not as easy as you may think in the first place. First of all, it's good to know the terminology. Chris provides you with the exact knowledge you need. You will learn just enough to get started and will be told what the differences between switches, routers, hubs, and taps are. You will also know what ARP and OSI mean as well as many other abbreviations. What I especially liked within the theory-related section was some sort of analysis of when to focus on a particular device for sniffing and how to utilize it to its extent. One remark here. For people totally fresh in network terminology I'd suggest something additional and better (easier) explained. I think, at some places the book might be hard to follow. Especially when Chris discusses topics like packet components, uses computer-related arithmetic, and provides not that much detailed explanation of some topics. In fact, I'd suggest this book to intermediate readers who already know something about computers and networks.

    What do I think about this book? It is good for people who are familiar with computer science but haven't worked with networks so far. Why? It simply requires some level of knowledge related to networking and to data processing. On the other hand, it is based on a well-known, easily accessible, GUI-based application. This way, you can follow it quite easily, even though you are not perfectly familiar with all the network-based concepts. I'd suggest this book as a starter for people who are thinking about working with packet analysis.

    I particularly liked what Chris says at the beginning of the 4th chapter: "As you perform packet analysis, you will find that a good portion of the analysis you do will happen after your capture." This is certainly true. And this sentence tells a very important thing. Good network analysis is not only based on listening to the wire. In fact, it is based on deduction. It's like a detective's work.

     
    5.0

    Best book on Packets

    By sandyboy55

    from St. Louis, MO

    About Me Developer

    Verified Reviewer

    Pros

    • Accurate
    • Concise
    • Easy to understand
    • Helpful examples
    • Well-written

    Cons

      Best Uses

      • Expert
      • Intermediate
      • Novice
      • Student

      Comments about No Starch Press Practical Packet Analysis, 2nd Edition:

      Unlike other books on networking that I have read, this book assumes nothing about the reader. Any general IT professional should be able to pick this book up and pick up the concepts right away. The author starts with very basic concepts and builds slowly and steadily over the subsequent chapters. I learned how to sniff packets and analyze them which has become my new favorite hobby. Chapters 1 and 2 start with basic networking concepts, protocols, layouts, etc. Chapter 3 explains how to get started with Wireshark, the tool of choice for this book. Chapter 4 explains how to analyze the packets that were captured. Chapter 5 delves deeper into advanced Wireshark features. The rest of the book goes deeper into explaining lower and upper level protocols, real-world scenarios, slow networks, and security.

      Recently I had a crisis at work. A group of hackers had attacked the corporate network and as a result everything was shut down for security reasons. As the network was gradually opened up for business, our business partners were not able to call some of our web services. That was a puzzling thing as other web services were reachable. As a lead for the application development team I had no idea how to debug this except to set up a SWAT team meeting with the infrastructure and networking team. I was the weakest link in the room as I had no idea what the terms and terminologies meant. Needless to say, I was embarrassed. The one thing that was spoken about frequently in those meetings was Wireshark. I couldn't find a good book on Wireshark at that time so the moment this book came out, I decided to review it. I am really impressed by this book. Not that I am waiting for a crisis at work, but the next time I would definitely be well-prepared thanks to this book.

      Buying Options
      Ebook: $39.95
      Formats:  ePub, Mobi, PDF
      Print & Ebook: $54.95
      Print: $49.95