O’Reilly news

Practical Packet Analysis, 2nd Edition--New from No Starch Press: A Hands-On Guide to Using Wireshark to Solve Real-World Network Problems

June 22, 2011

Practical Packet Analysis, 2nd Edition

Request Review copy

San Francisco, CA, June 22, 2011—Wireshark, the free and open source packet analyzer, lets users capture, examine, and reassemble packets in order to troubleshoot their network problems. But once the packets are captured, the work has just begun.

In Practical Packet Analysis (No Starch Press, July 2011, 280 pp., $49.95, ISBN 9781593272661), readers learn how to use Wireshark to analyze packets in order to better understand network communication and troubleshoot network problems. This completely revised and updated second edition includes an expanded discussion of network protocols and 45 new scenarios. Readers will also find new material on troubleshooting slow networks and a section explaining how modern exploits and malware behave at the packet level. Add to this a thorough introduction to the TCP/IP network stack and readers will be on their way to packet analysis proficiency in no time.

"If someone can analyze network traffic effectively at the packet level, there are few problems they can't solve," said author Chris Sanders. "This book is for anyone who wants to better understand their network, whether they're a programmer, network administrator, or even a network security analyst."

In Practical Packet Analysis, readers learn how to:

  • Use packet analysis to identify and resolve common network problems like loss of connectivity, DNS issues, sluggish speeds, and malware infections
  • Build customized capture and display filters
  • Monitor their network in real-time and tap live network communications
  • Graph traffic patterns to visualize the data flowing across their network
  • Use advanced Wireshark features to understand confusing captures
  • Build statistics and reports to help them better explain technical network information to non-techies

Practical Packet Analysis is a must for any network administrator or engineer who wants a better understanding of how his or her network works.

For more information or to request a review copy of Practical Packet Analysis, 2nd Edition, contact Travis Peterson at No Starch Press (nostarchpr@oreilly.com, +1.415.863.9900, x100), or visit www.nostarch.com.

About the Author

Chris Sanders is a computer security consultant, author, and researcher. A SANS mentor who holds several industry certifications, including CISSP, GCIA, GCIH, and GREM, he writes regularly for WindowSecurity.com and his blog, ChrisSanders.org. Sanders uses Wireshark daily for packet analysis. He lives in Charleston, South Carolina, where he works as a government defense contractor.

Praise for the first edition of Practical Packet Analysis
"An essential book if you are responsible for network administration on any level."
LINUX PRO MAGAZINE

"A wonderful, simple to use and well laid out guide."
ARSGEEK.COM

"If you need to get the basics of packet analysis down pat, this is a very good place to start."
STATEOFSECURITY.COM

"It does a great job of giving readers what they need to know to do packet analysis and then jumps right in with vivid real life examples of what to do with Wireshark."
LINUXSECURITY.COM

"Are there unknown hosts chatting away with each other? Is my machine talking to strangers? You need a packet sniffer to really find the answers to these questions. Wireshark is one of the best tools to do this job and this book is one of the best ways to learn about that tool."
FREE SOFTWARE MAGAZINE

"Perfect for the beginner to intermediate."
DAEMON NEWS

Additional Resources
Chapter 6: "Common Lower-Layer Protocols" (PDF)
Table of Contents
Detailed Table of Contents (PDF)
Index (PDF)
No Starch Press Catalog Page

Practical Packet Analysis, 2nd Edition Practical Packet Analysis, 2nd Edition
Publisher: No Starch Press
By Chris Sanders
ISBN 9781593272661, $49.95 USD  
July 2011, 280 pp.
order@oreilly.com
1-800-998-9938
1-707-827-7000

Request Review copy

Available in fine bookstores everywhere, from http://www.oreilly.com/nostarch, or directly from No Starch Press (http://www.nostarch.com, orders@nostarch.com, 1-800-420-7240).

About No Starch Press
Founded in 1994, No Starch Press is one of the few remaining independent computer book publishers. We publish the finest in geek entertainment—unique books on technology, with a focus on open source, security, hacking, programming, alternative operating systems, LEGO, science, and math. Our titles have personality, our authors are passionate, and our books tackle topics that people care about. Visit http://www.nostarch.com for a complete catalog.

About O’Reilly

O’Reilly Media spreads the knowledge of innovators through its books, online services, magazines, and conferences. Since 1978, O’Reilly Media has been a chronicler and catalyst of cutting-edge development, homing in on the technology trends that really matter and spurring their adoption by amplifying “faint signals” from the alpha geeks who are creating the future. An active participant in the technology community, the company has a long history of advocacy, meme-making, and evangelism.

Email a link to this press release