
Practical Packet Analysis: Using Wireshark to Solve Real-World Network Problems [Paperback]

Chris Sanders
1.0 out of 5 stars (1 customer review)

There is a newer edition of this item:
Practical Packet Analysis: Using Wireshark to Solve Real-World Network Problems, 3.5 out of 5 stars (2)


Book Description

Publication date: May 27 2007 | ISBN-10: 1593271492 | ISBN-13: 978-1593271497 | Edition: 1

It's easy enough to install Wireshark and begin capturing packets off the wire--or from the air. But how do you interpret those packets once you've captured them? And how can those packets help you to better understand what's going on under the hood of your network? Practical Packet Analysis shows how to use Wireshark to capture and then analyze packets as you take an in-depth look at real-world packet analysis and network troubleshooting. The way the pros do it.

Wireshark (derived from the Ethereal project) has become the world's most popular network sniffing application. But while Wireshark comes with documentation, there's not a whole lot of information to show you how to use it in real-world scenarios. Practical Packet Analysis shows you how to:

  • Use packet analysis to tackle common network problems, such as loss of connectivity, slow networks, malware infections, and more
  • Build customized capture and display filters
  • Tap into live network communication
  • Graph traffic patterns to visualize the data flowing across your network
  • Use advanced Wireshark features to understand confusing packets
  • Build statistics and reports to help you better explain technical network information to non-technical users


Because net-centric computing requires a deep understanding of network communication at the packet level, Practical Packet Analysis is a must-have for any network technician, administrator, or engineer troubleshooting network problems of any kind.



About the Author

Chris Sanders is currently the network administrator for a public school district in Kentucky. A Microsoft Certified Professional and Certified Wireless Network Administrator, he writes for WindowsNetwork.com, WindowsDevCenter.com, and maintains a blog at chrissanders.org. He is the author of Saving Money and Time with Virtual Server (O'Reilly Short Cut).



Customer Reviews

Most helpful customer reviews
1 of 2 people found the following review helpful
1.0 out of 5 stars Don't Waste Your Money Dec 26 2007
Format:Paperback
I had the displeasure of reading this publication courtesy of my local library and I am aghast that the publisher would let it go to press given the obvious lack of technical editing. I'm certainly glad that I didn't spring for a copy out of pocket.

To be quite frank, either the reviewers on Amazon.com that gave this publication a good review didn't bother reading the book or completely lack any technical knowledge.

Just my opinion...
Most Helpful Customer Reviews on Amazon.com (beta)
Amazon.com: 4.1 out of 5 stars  13 reviews
28 of 33 people found the following review helpful
2.0 out of 5 stars Packet traces don't match the text Sept. 8 2007
By Early Adopter - Published on Amazon.com
Format:Paperback
The conversational style of the book and the basic idea are very sound. Some of the information is well presented. So we'll start with 5 stars and see where we end up.

There are some typos and errors in the book (the Syn-Ack-Ack mentioned in two reviews is simply a typo in the diagram, the text on the same page correctly has it as Syn-Syn/Ack-Ack). Unfortunately, there are more serious errors than this, so there goes one star.

This is clearly a beginner's book, so some basic configuration explanations are needed to get Wireshark (and Cain and Abel) set up properly. When the novice is presented with multiple network interfaces they can capture from, how do they decide which is the one to use? The author provides no help here, so the novice can do nothing but try each one in turn and see which one works. In my case, since I was using a notebook with a wireless connection, none of them worked in either program. Turning off promiscuous mode in Wireshark did the trick, but the author should have explained the need for that in the text. This book is about using these tools, so not explaining the basics is worth a star.

I downloaded the sample traces. The first one I tried, wrongdissector.dmp, wasn't in the archive. An oversight perhaps? Let's try the next one in the text: suspectemployeechat.dmp. The content of this trace doesn't match the text at all: the two individuals are chatting on a similar topic, perhaps, but the contents of their conversation are completely different. There is no way to reconcile it with the text. Now we've moved from oversight to rubbish. Say goodbye to another star.

Final score: two stars out of five. If the publisher and/or their agents reads these reviews (they appear to have written some of them), please issue an errata and fix the download.
2 of 2 people found the following review helpful
5.0 out of 5 stars Helped me use Wireshark. June 8 2011
By L. Byrd - Published on Amazon.com
Format:Paperback
I was looking for a book simple enough for me to follow regarding Wireshark.
After reading, I at least feel confident enough that I can read a pcap file and make sense out of it.
If you're a newbie to packet captures like I was, you will find this book very helpful.
2 of 2 people found the following review helpful
3.0 out of 5 stars The title states the obvious Aug. 17 2009
By Mike Cherry - Published on Amazon.com
Format:Paperback
While this book will give you a passable introduction to the technical aspects of packet analysis and WireShark, the goal is to introduce the reader to some practical uses of WireShark. It answers questions that the accidental, occasional or beginning user asks themselves. I do not fault the author for a few inaccuracies as almost every technical/boring tome has them if you stay awake long enough to come across them. Since this book is so short, it made an easy target for the trained professional reviewer to rip it to shreds. Oh well.

If you want serious, practical training in the use of WireShark, find out about the consummate expert in teaching this subject. Her name is Laura Chappell. Search the web for more info. She goes light years beyond any publication in print with on demand and live video seminars and training for the serious student. Chappell has numerous titles (10 or more) specific to this subject listed on Amazon.com.
8 of 11 people found the following review helpful
3.0 out of 5 stars Could be reviewed much better. July 3 2007
By RP Faber - Published on Amazon.com
Format:Paperback
I bought also "Computer Networks: Internet Protocols in Action" by Jeanna Matthews. Both as reference books. See also my review on that.

Let's start by saying it's very annoying if you have to read other material or have some doubt about your own knowledge concerning specific topics and then afterwards it proved to be your understanding and assumptions WERE RIGHT and the book presented something wrong like the three way TCP way handshake is not SYN - ACK - SYN, Richard Bejtlich mentioned. These are crucial aspects of protocol understanding, the main reason you would buy a book like this. Nevertheless some faults can be made and maybe in the next version of the book this is reviewed and solved.

Rob Faber [CISSP, CEH, MCSE]
Security Consultant
The Netherlands
3 of 4 people found the following review helpful
4.0 out of 5 stars worth a look March 4 2009
By CollectedReader - Published on Amazon.com
Format:Paperback
As there aren't too many books out there on use of Wireshark I found this book to be quite useful for people wanting to get their hands onto trying. I was looking for some books that would be good as a learning tool that I can throw to new members on my team and this book was roundly accepted, particularly the real world examples. By no means should this book be the only one on your shelf as there are many concepts that need to be delved into to really get a firm understanding. The book begins with a basic intro to general router concepts and hardware, it then goes into the functions of Wireshark. I found that this information could have been found on the Wireshark userguide or help file. It was basically a re-hash here so that space could have been better used providing more info about routers in general instead as a lot of the real world problems come from misconfigured routers or machines.

Overall after reading the book the reader should get a fair understanding of TCP/IP concepts and communication on a network and is a good jump off point onto more advanced books.