First Edition
May 2007
Publisher: No Starch Press
Pages: 178
ISBN 10: 1-59327-149-2 |
ISBN 13: 9781593271497
(Average of 1 Customer Reviews)
Wireshark (formerly called Ethereal) is the world's most powerful "packet sniffer", allowing its users to uncover valuable information about computer networks (whether theirs or others'). Rather than simply take readers through Wireshark's tools Practical Packet Analysis shows how to use the software to monitor their own networks. The book is aimed at network engineers and system administrators, but it's clear enough for even Wireshark newbies. Includes a bonus CD with trace file examples as well as videos that show packet analysis in action.
Full Description
It's easy enough to install Wireshark and begin capturing packets off the wire--or from the air. But how do you interpret those packets once you've captured them? And how can those packets help you to better understand what's going on under the hood of your network? Practical Packet Analysis shows how to use Wireshark to capture and then analyze packets as you take an indepth look at real-world packet analysis and network troubleshooting. The way the pros do it.
Wireshark (derived from the Ethereal project), has become the world's most popular network sniffing application. But while Wireshark comes with documentation, there's not a whole lot of information to show you how to use it in real-world scenarios. Practical Packet Analysis shows you how to:
- Use packet analysis to tackle common network problems, such as loss of connectivity, slow networks, malware infections, and more
- Build customized capture and display filters
- Tap into live network communication
- Graph traffic patterns to visualize the data flowing across your network
- Use advanced Wireshark features to understand confusing packets
- Build statistics and reports to help you better explain technical network information to non-technical users
Because net-centric computing requires a deep understanding of network communication at the packet level, Practical Packet Analysis is a must have for any network technician, administrator, or engineer troubleshooting network problems of any kind.
Featured customer reviews
Hands on network analysis guide, June 20 2007
--- DISCLAIMER: This is a requested review by No Starch Press, however any opinions expressed within the review are my personal ones. ---
The author leads you through various scenarios which either seem or are by their very nature network related. The scenarios perimeters vary from applications to single systems (f.e. workstations) to complex networks including wireless scenarios.
The book is an essential introduction for junior system or network admins. What makes it so appealing is that it is teaching and explaining in plain simple language the problems with computers or applications that make users perceive as if the network is slow.
The book covers the scenarios EVERY admin must be aware of and (ideally) know how to cope, dissect and/or prevent them (not complete):
- Dictionary attacks
- OS fingerprinting
- Spam
- Spyware
- Trojan software
- Blaster worm
- ARP poisening
- Identity theft by using secret payloads
- Bit-Torrent and Gnutella network clients
- Routing issue
- Packet fragmention
- Lost TCP connections (Destination, port)
- No Connectivity
- OS Firewall settings (Windows)
- Access rights on web servers
- Slow downloads
- NIC configuration issue
- Application configuration
Each scenario is outlined with the keypoints within a couple of pages(2-5). Sanders describes the issue first, then the facts that we know and how to resolve the issue and why he is recommending doing it this way (in case you didnt read the previous chapters) and concludes in a summary.
Once I started reading I couldnt stop putting down the book until I finished it.
I would have loved reading even more "advanced" scenarios.
The meat of the book is definitely in the last 5 chapters. However all that is worth nothing without the excellent explanations of the essentials which are explained in the first chapters.
And here is where the book really shines. You will find nice and essential explanations in the first chapters that are gradually leading to more advanced scenarios in the later chapters. The thorough explanations are - per se - a real time saver. They make sure you can speed up in troubleshooting - and cut down on overtime ;-)
Summary:
This is an essential junior admins guide for his daily network analysis.
System admins and network admins will find the little knowledge base very valueable.
My only complaint - so to say - is that 40$ seems like a hefty price tag for the thin book on the one hand, but it does cover some serious contents very well explained on the other hand.
Once you got behind the price tag issue you will find that the book is very valuable on your daily work basis.
Media reviews
"A well-written text supported by screen shots and diagrams, this is an excellent introduction to the tools and concepts, and will serve as a useful ongoing resource."
-- Major Keary, Book News
