
Ethereal Packet Sniffing Hardcover – Illustrated, April 21, 2004

ISBN-13: 079-2502668283 ISBN-10: 1932266828 Edition: 1st




Product Details

  • Hardcover: 550 pages
  • Publisher: Syngress; 1 edition (April 21, 2004)
  • Language: English
  • ISBN-10: 1932266828
  • ISBN-13: 978-1932266825
  • Product Dimensions: 9 x 7 x 1.3 inches
  • Shipping Weight: 1.8 pounds
  • Average Customer Review: 4.4 out of 5 stars (26 customer reviews)
  • Amazon Best Sellers Rank: #480,848 in Books

Editorial Reviews

About the Author

Angela Orebaugh (CISSP, GCIA, GCFW, GCIH, GSEC, CCNA) has worked in information technology for 10 years. She is currently an Associate at Booz Allen Hamilton in the Washington, DC metro area. Her focus is on perimeter defense, secure architecture design, vulnerability assessments, penetration testing, and intrusion detection. Angela is an expert in many commercial and Open Source intrusion detection and analysis tools including Ethereal, Snort, Nessus, and Nmap. She is a graduate of James Madison University with a master's in computer science, and she is currently pursuing her PhD with a concentration in information security at George Mason University. Her GCFW practical received honors recognition and was used as a case study in the book Network Perimeter Security: The Definitive Guide to Firewalls, VPNs, Routers, and Network Intrusion Detection by Stephen Northcutt (ISBN: 0735712328). Angela is a researcher, writer, and speaker for SANS Institute, where she has helped to develop and revise SANS course material and also serves as the Senior Mentor Coach for the SANS Local Mentor Program.

Gilbert Ramirez was the first contributor to Ethereal after it was announced to the public and is known for his regular updates to the product. He has contributed protocol dissectors as well as core logic to Ethereal. He is a systems engineer at a large company with network-related products, where he works on tools and software build systems. Gilbert is a family man, a want-to-be chef, and a student of tae kwon do. His degree is in linguistics, but his first love is programming computers, which he has been doing since childhood.

More About the Author

Angela Orebaugh is a cyber security technologist, scientist, and author with a broad spectrum of expertise in information assurance. She synergizes her 15 years of hands-on experiences within industry, academia, and government to advise clients on cyber security strategy, management, and technologies.

Ms. Orebaugh is involved in several security initiatives with the National Institute of Standards and Technology (NIST), including technical Special Publications (800 series), the National Vulnerability Database (NVD), Security Content Automation Protocol (SCAP) project, and secure eVoting. She is also the Director of Research and Academic Integration for the Information Assurance Technical Analysis Center (IATAC), where she bridges academia, government, and industry by performing outreach and collecting, analyzing, and disseminating IA research from academia, IA labs, and industry research centers.

Ms. Orebaugh is an Adjunct Professor for George Mason University where she performs research and teaching in intrusion detection, cyber forensics, and cybercrime. She developed and teaches the Intrusion Detection curriculum, a core requirement for the Forensics program in the Department of Electrical and Computer Engineering. Her current research interests include peer-reviewed publications in the areas of intrusion detection and prevention, data mining, attacker profiling, network forensics, user behavior analysis, behavioral biometrics, and cyber psychology.

Ms. Orebaugh is the author of the Syngress best sellers Nmap in the Enterprise, Wireshark and Ethereal Network Protocol Analyzer Toolkit, and Ethereal Packet Sniffing. She has also co-authored the Snort Cookbook, Intrusion Prevention and Active Response, and How to Cheat at Configuring Open Source Security Tools. Angela is a frequent speaker at a variety of security conferences and technology events, including the SANS Institute and The Institute for Applied Network Security.

Ms. Orebaugh holds a Master's degree in Computer Science and a Bachelor's degree in Computer Information Systems from James Madison University. She is currently completing her dissertation for her Ph.D. at George Mason University, with a concentration in Information Security.

Customer Reviews

I give this book 4 pings out of 5: !!!.!
Sean E. Connelly
The authors also show output from things like Code Red and SQL Slammer to really demonstrate how Ethereal can be used to analyze attacks.

Most Helpful Customer Reviews

20 of 21 people found the following review helpful By jose_monkey_org on July 13, 2004
Format: Hardcover
I've used the tool for years, and I've read the docs a bit, so I felt comfortable with the tool. Still, I wanted to learn something new with it, and I wanted to see if this book could offer what I was hoping for. The book delivers, and does a pretty good job. One of the big tests for me about any book that covers an Open Source project is "Does this book offer more than the existing documentation?" If it fails to, the book isn't worth the money, I'll stick with free docs.
A bit of the book I didn't like was the choice of screenshots: quite a number of the screenshots were full screen dumps when only one or two elements of the page really mattered. Either trimmed or annotated screenshots would have been more welcome. A lot of information gets dumped in Ethereal, helping people navigate the UI with a static, black-and-white image would have been welcome.
Now, on to the real strengths of the book. The book offers more coverage than the existing, free docs on Ethereal provide, or at least in a more manageable form. Obviously, with the source code in front of me I could dissect the tool and learn everything about it, but that's hardly efficient. Simply put, the book introduces network sniffing and troubleshooting well. How can you place a sniffer to get coverage, what can a sniffer tell you during troubleshooting (and what can it not?), and of course how to get and install Ethereal (on UN*X and Windows).
The next chapter covers exactly what you would expect it to, how to use Ethereal. Ethereal's main use is as a GUI protocol analyzer, so you have menus, panes and windows to navigate. This chapter tells you what they are and how they present and format the data you're looking at.
15 of 15 people found the following review helpful By Richard Bejtlich on May 1, 2004
Format: Hardcover
"Ethereal Packet Sniffing" is the first book in Jay Beale's new Open Source Security Series with Syngress. It's a great book to lead the way. "Ethereal" is full of helpful tips and clear discussions that benefit newbies and wizards alike.
I've been using Ethereal for around five years, and this book still taught me a few new tricks. The key to the new material is Ethereal's development, from 0.2 in July 1998 to 0.10.3 this year. (The book covers 0.10.0 which is far from being outdated.) The many improvements lend themselves to the sort of explanations found in "Ethereal." For example, my favorite material involved filters. Although chs. 4 and 5 had minor overlap regarding this feature, I learned new ways to manipulate Ethereal's packet search and display capabilities.
Because the entire book focuses on a single suite of tools, it has the space to take in-depth looks at normally ignored components like stream analysis graphs. The book spends time explaining how to write filters with bitwise AND operations, and talks about 'matches' and 'contains' search functions. For programmers, the chapter on "developing Ethereal" gives clues on adding new protocol dissectors. This reminded me of a similar chapter in Syngress' book on Snort.
If you want to really know how to use Ethereal, buy this book. However, it should have been called "Ethereal Packet Sniffer," not "Ethereal Packet Sniffing." The distinction lies in the book's focus; it spends most of its time explaining functions and not analyzing packets. Books on troubleshooting by Bardwell or Haugdahl have more insights to share than ch. 8 in "Ethereal." Nevertheless, I added this book to my recommended reading list for aspiring security engineers. It's worth a close read.
5 of 5 people found the following review helpful By Midwest Book Review on July 9, 2004
Format: Hardcover
The latest contribution of Jay Beale's Open Source Security Series, Ethereal Packet Sniffing is the first reference book to cover the "packet sniffer" security tool that has become widely used among network administrators. Individual chapters of Ethereal Packet Sniffing cover installing and using Ethereal: Network Protocol Analyzer in Unix, Linux, or Windows, filters, associated other programs that come packaged with Ethereal such as Tethereal and Editcap, integrating Ethereal with other sniffers, developing Ethereal and its design tools, and much more. An easy-to-use resource filled with screenshots, sample code, and step-by-step examples and instructions. An accompanying CD contains Ethereal itself, including installation, reference, and packet capture files, complete with a 1 year upgrade buyer protection plan, making Ethereal Packet Sniffing more than just a supplementary guide; it's computer software with a far more exhaustive starter guide than any tiny little owner's manual can offer.
5 of 5 people found the following review helpful By Joseph P. Bowling on May 17, 2004
Format: Hardcover
I found this book to be easy to read and follow. The book is fully dedicated to the functionality of Ethereal. (It does not cover how protocols work, etc. I mention that because this book will be popular in IDS circles.) I was concerned about spending money on a book for a sniffer that I was already using and felt I already had a good handle on, but I am glad I did purchase it. If you spend time going through large packet dump files, the explanations on how to use the different display filters are worth the price of the book. The only complaint I would have would be the portion about "capture filters". I felt the explanation wasn't as thorough as I would have liked it to be, but BP filters can be very difficult to explain, especially in only a few pages, so it's understandable.
I did learn some interesting nuggets on using mergecap and using Ethereal without the GUI.
Overall the best resource for Ethereal and worth buying.