Vous voulez voir cette page en français ? Cliquez ici.

Have one to sell? Sell yours here
Tell the Publisher!
I'd like to read this book on Kindle

Don't have a Kindle? Get your Kindle here, or download a FREE Kindle Reading App.

Practical Packet Analysis: Using Wireshark to Solve Real-World Network Problems [Paperback]

Chris Sanders
1.0 out of 5 stars  See all reviews (1 customer review)

Available from these sellers.

There is a newer edition of this item:
Practical Packet Analysis: Using Wireshark to Solve Real-World Network Problems Practical Packet Analysis: Using Wireshark to Solve Real-World Network Problems 3.5 out of 5 stars (2)
CDN$ 32.92
In Stock.
Join Amazon Student in Canada

Book Description

May 27 2007 1593271492 978-1593271497 1

It's easy enough to install Wireshark and begin capturing packets off the wire--or from the air. But how do you interpret those packets once you've captured them? And how can those packets help you to better understand what's going on under the hood of your network? Practical Packet Analysis shows how to use Wireshark to capture and then analyze packets as you take an indepth look at real-world packet analysis and network troubleshooting. The way the pros do it.

Wireshark (derived from the Ethereal project), has become the world's most popular network sniffing application. But while Wireshark comes with documentation, there's not a whole lot of information to show you how to use it in real-world scenarios. Practical Packet Analysis shows you how to:

  • Use packet analysis to tackle common network problems, such as loss of connectivity, slow networks, malware infections, and more
  • Build customized capture and display filters
  • Tap into live network communication
  • Graph traffic patterns to visualize the data flowing across your network
  • Use advanced Wireshark features to understand confusing packets
  • Build statistics and reports to help you better explain technical network information to non-technical users

Because net-centric computing requires a deep understanding of network communication at the packet level, Practical Packet Analysis is a must have for any network technician, administrator, or engineer troubleshooting network problems of any kind.

Product Details

Product Description

About the Author

Chris Sanders is currently the network administrator for a public school district in Kentucky. A Microsoft Certified Professional and Certified Wireless Network Administrator, he writes for WindowsNetwork.com, WindowsDevCenter.com, and maintains a blog at chrissanders.org. He is the author of Saving Money and Time with Virtual Server (O'Reilly Short Cut).

Inside This Book (Learn More)
Explore More
Browse Sample Pages
Front Cover | Copyright | Table of Contents | Excerpt | Index | Back Cover
Search inside this book:

Sell a Digital Version of This Book in the Kindle Store

If you are a publisher or author and hold the digital rights to a book, you can sell a digital version of it in our Kindle Store. Learn more

Customer Reviews

5 star
4 star
3 star
2 star
1.0 out of 5 stars
1.0 out of 5 stars
Most helpful customer reviews
1 of 2 people found the following review helpful
1.0 out of 5 stars Don't Waste Your Money Dec 26 2007
I had the displeasure of reading this publication courtesy of my local library and I am aghast that the publisher would let it go to press given the obvious lack of technical editing. I'm certainly glad that I didn't spring for a copy out of pocket.

To be quite frank, either the reviewers on Amazond.com that gave this publication a good review didn't bother reading the book or completely lack any technical knowledge.

Just my opinion...
Was this review helpful to you?
Most Helpful Customer Reviews on Amazon.com (beta)
Amazon.com: 4.1 out of 5 stars  13 reviews
28 of 33 people found the following review helpful
2.0 out of 5 stars Packet traces don't match the text Sept. 8 2007
By Early Adopter - Published on Amazon.com
The conversational style of the book and the basic idea are very sound. Some of the information is well presented. So we'll start with 5 stars and see where we end up.

There are some typos and errors in the book (the Syn-Ack-Ack mentioned in two reviews is simply a typo in the diagram, the text on the same page correctly has it as Syn-Syn/Ack-Ack). Unfortunately, there are more serious errors than this, so there goes one star.

This is clearly a beginner's book, so some basic configuration explanations are needed to get Wireshark (and Cain and Able) set up properly. When the novice is presented with multiple network interfaces they can capture from, how do they decide which is the one to use? The author provides no help here, so the novice can do nothing but try each one in turn and see which one works. In my case, since I was using a notebook with a wireless connection, none of them worked in either program. Turning off promiscuous mode in Wireshark did the trick, but the author should have explained the need for that in the text. This book is about using these tools, so not explaining the basics is worth a star.

I downloaded the sample traces. The first one I tried: wrongdissector.dmp wasn't in the archive. An oversight perhaps? Let's try the next one in the text: suspectemployeechat.dmp. The content of this trace doesn't match the text all: the two individuals are chatting on a similar topic, perhaps, the contents of their conversation is complete different. There is no way to reconcile it with the text. Now we've moved from oversight to rubbish. Say goodbye to another star.

Final score: two stars out of five. If the publisher and/or their agents reads these reviews (they appear to have written some of them), please issue an errata and fix the download.
2 of 2 people found the following review helpful
3.0 out of 5 stars The title states the obvious Aug. 17 2009
By Mike Cherry - Published on Amazon.com
While this book will give you a passable introduction to the technical aspects of packet analysis and WireShark, the goal is to introduce the reader to some practical uses of WireShark. It answers questions that the accidental, occasional or beginning user asks themselves. I do not fault the author for a few inaccuracies as almost every technical/boring tome has them if you stay awake long enough to come across them. Since this book is so short, it made an easy target for the trained professional reviewer to rip it to shreds. Oh well.

If you want serious, practical training in the use of WireShark, find out about the consummate expert in teaching this subject. Her name is Laura Chappell. Search the web for more info. She goes light years beyond any publication in print with on demand and live video seminars and training for the serious student. Chappell has numerous titles (10 or more) specific to this subject listed on Amazon.com.
2 of 2 people found the following review helpful
5.0 out of 5 stars Helped me use Wireshark. June 8 2011
By L. Byrd - Published on Amazon.com
I was looking for a book simple enough for me to follow regarding Wireshark.
After reading, I at least feel confidant enough that I can read a pcap file and make sense out of it.
If your a newbie to packet captures like I was, you will find this book very helpful.
8 of 11 people found the following review helpful
3.0 out of 5 stars Could be reviewed much better. July 3 2007
By RP Faber - Published on Amazon.com
I bought also "Computer Networks: Internet Protocols in Action
by Jeanna Matthews". Both as reference books. See also my review on that.

Let's start by saying it's very annoying if you have to read other material or have some doubt about your own knowledge concerning specific topics and then afterwards it proved to be your understanding and assumptions WHERE RIGHT and the book presented something wrong like the three way TCP way handshake is not SYN - ACK - SYN, Richard Bejtlich mentioned. These are crucial aspects of protocol understanding, the main reason you would buy a book like this. Nevertheless some faults can be made and maybe in the next version of the book this is reviewed and solved.

Rob Faber [CISSP, CEH, MCSE]
Security Consultant
The Netherlands
3 of 4 people found the following review helpful
5.0 out of 5 stars A must for Wireshark users Dec 31 2008
By J. Cornell - Published on Amazon.com
Lately I have been reading reviews after I buy books just to see how they stack up, and this is no exception. I bought the book after checking it out at the book store and saw that there was good stuff in it. If you use Wireshark, or if you are learning it, you should have this book on your shelf period.
Chris Sanders not only does a great job of introducing you to the mindset of packet analysis, he shows a side of it that most of the people I interact with don't consider...the day to day administrator's needs for a way to diagnose network problems.

If you live the world of network monitoring and information security then this books works for you as well. The concepts are what is important and they are presented very well.

As to those who say there are too many things like the mis-representation of the three-way handshake I say Thanks for pointing it out to the novice among us. For the novice, now you know, so...buy the book anyway. If I put a technical book back every time I saw a mistake that the proofer missed, I'd have empty shelves.

Thanks Chris for taking a tough subject and making it much easier to digest.
Search Customer Reviews
Only search this product's reviews

Look for similar items by category