
Practical Packet Analysis [Kindle Edition]

Chris Sanders
4.5 out of 5 stars (60 customer reviews)

Digital List Price: $31.95
Kindle Price: $17.25
You Save: $14.70 (46%)

Formats

Amazon Price New from Used from
Kindle Edition $17.25  
Paperback --  

Book Description

It's easy enough to install Wireshark and begin capturing packets off the wire--or from the air. But how do you interpret those packets once you've captured them? And how can those packets help you to better understand what's going on under the hood of your network? Practical Packet Analysis shows how to use Wireshark to capture and then analyze packets as you take an in-depth look at real-world packet analysis and network troubleshooting. The way the pros do it.

Wireshark (derived from the Ethereal project) has become the world's most popular network sniffing application. But while Wireshark comes with documentation, there's not a whole lot of information to show you how to use it in real-world scenarios. Practical Packet Analysis shows you how to:

  • Use packet analysis to tackle common network problems, such as loss of connectivity, slow networks, malware infections, and more
  • Build customized capture and display filters
  • Tap into live network communication
  • Graph traffic patterns to visualize the data flowing across your network
  • Use advanced Wireshark features to understand confusing packets
  • Build statistics and reports to help you better explain technical network information to non-technical users

Because net-centric computing requires a deep understanding of network communication at the packet level, Practical Packet Analysis is a must-have for any network technician, administrator, or engineer troubleshooting network problems of any kind.


Product Details

  • File Size: 2895 KB
  • Print Length: 192 pages
  • Publisher: No Starch Press; 1 edition (August 20, 2009)
  • Sold by: Amazon Digital Services, Inc.
  • Language: English
  • ASIN: B002N3M6RC
  • Text-to-Speech: Enabled
  • Lending: Not Enabled
  • Amazon Best Sellers Rank: #806,542 Paid in Kindle Store


Customer Reviews

Most Helpful Customer Reviews
40 of 40 people found the following review helpful
Format:Paperback
First of all if you consider yourself an expert in packet analysis don't read this book to learn advanced techniques in packet analysis. Instead read this book as a teaching tool to help better explain packet analysis to others. I found myself reading this book and going "hey I wish someone would have explained it to me that way when I started" and "why didn't I explain it that way."
This book is written for people who have little to no experience with packet analysis. It is also a good read for those who might have been out of the packet analysis game for a little while and need a quick read to brush up the skill-set. The book is well written and Sanders does an excellent job explaining things in a manner that is well understood. He eases the reader into explanations by going from layman to more technical jargon. The examples in the book match the title, they are practical and likely to be experienced in the real world. I would highly recommend this book to those who have little to no experience with packet analysis and are looking for a solid book to help them understand what many of the other books tend to explain in a lofty manner.
16 of 16 people found the following review helpful
5.0 out of 5 stars Very useful if you're starting out with Wireshark July 31, 2011
Format:Paperback
Firstly, this is mostly a book about using the Wireshark protocol analyzer tool and secondly a book about packet analysis (in the sense that it does not have space to cover in detail all the sorts of protocol problems someone is likely to encounter). Nevertheless, it's a good book and I'd recommend it to anyone who's beginner to middling with Wireshark. It does a good job of explaining the use of Wireshark and in particular the various configuration options.

There are odd faults (for example, there's a diagram showing a Cisco router, except it's not). There are also some colloquialisms (such as when the author says "Why have chicken when you can have steak?"). And I was disappointed that IPv6 wasn't really covered at all.

If you're experienced with packet analysis and want to learn Wireshark, this book is good for you. If you're a beginner at packet analysis this book is also good.
13 of 13 people found the following review helpful
Format:Paperback
If you have done any type of performance testing, you've inevitably come across an application or two that could not be scripted using standard protocols in a performance test tool like LoadRunner. The LoadRunner protocol of last resort -- when no other protocol will work -- is called Winsock, and it can be pretty nasty to debug. That's the main reason I picked up this book.

Wireshark is a free, open-source tool that allows you to capture and analyze network traffic. With the communication captured, you can then easily tell it to filter on certain protocols, making reading the packet info much easier than it is in LoadRunner.

This book starts at ground level, assuming no user experience with packet analysis and/or packet sniffers. It can basically be divided into four sections.

The first covers packet analysis and network basics, and gives a nice overview of the OSI model.
The second covers Wireshark's basic and advanced features.
The next covers common protocols like ARP, TCP and HTTP,
and in the last section, the author ties it all together with real world examples using familiar sites like Facebook and ESPN, while explaining how to troubleshoot common network issues.

I like the hands-on approach the writer uses throughout the book. He clearly explains everything in a clear, concise manner. I also appreciated the fact that the author uses packet capture files in each example that can be downloaded and opened in Wireshark in order to follow along. I was able to follow all of the examples without any confusion -- which is kind of a big deal, since packet analysis at this level is a new subject for me. Well done!

=JoeColantonio
@JoeColantonio.Com
10 of 10 people found the following review helpful
Format:Paperback|Verified Purchase
The book starts out with some requisite background knowledge about networking needed to understand the packets that will be analyzed. This will not make you a networking expert, but it is very informative for the newcomer and a great refresher for the oldies. After learning about the basics of networking and comparing layer 1, 2, and 3 devices, the book explains techniques for successfully sniffing traffic. The author does not steer clear of the valuable (but sometimes controversial) ARP Cache Poisoning and flood attacks that frequently work for sniffing through a switch.

The author also compares Wireshark (the selected sniffing tool) to some of the others, and clearly explains why he made the choice to use Wireshark. Time is spent familiarizing the reader with using Wireshark, covering installation and usage. The author also discusses how to write filters for capturing and displaying, which is essential to properly use the tool to wade through all the clutter. Finally, the packets that are typically found on a network are discussed and analyzed. The author points out many useful things that can be discovered by zeroing in on things like client/server latency (at different points throughout the TCP handshake), DNS abnormalities, and strange packets.

Also, security implications and intrusion detection are discussed, which I found to be extremely informative for the typical network administrator. Finally, some real world scenarios are presented, at which point we examine real life packets to determine the cause of the network problems. This exercise was very helpful to tie in the previous knowledge with a practical hands-on approach. Also much appreciated were the example packets.
Most Recent Customer Reviews
2.0 out of 5 stars Font & figures too small.
The figures and font were too small. Very difficult to see. I didn't have the patience to try to squint through it. I really can't give it a rating.
Published 7 days ago by Bruce
5.0 out of 5 stars Five Stars
Very good book for beginners.
Published 16 days ago by Alexander Naumov
5.0 out of 5 stars Very good for reality
Good book with big reality background.

Chris Sanders explains more aspects in network like bottleneck, how to detect if lag is client or server side and how to detect bad...
Published 4 months ago by PAROLA SELS INGENIERIE
5.0 out of 5 stars Another must have....
It wasn't til I picked up this book that I realized how much I didn't know. Although I have been doing this for awhile I was able to learn new tricks and approaches to solve...
Published 4 months ago by Chris Williams
5.0 out of 5 stars Great product! This is something that quality is a must and it was...
Great product! This is something that quality is a must and it was provided. Will buy again! Right price, fast service!
Published 4 months ago by Peter Walker
5.0 out of 5 stars Excellent
Easy to read. From basic to complex explanation of terms and concept. If you need a book to deep understand and learn about networks: this is your book.
Published 4 months ago by Mrgonzalez
4.0 out of 5 stars Good overview
Good overview and very focused on actual analysis as well as explanation of underlying concepts. Overview of the most common networking protocols out there.
Published 4 months ago by Erik Pettersson
5.0 out of 5 stars Practical Analysis Book
For Students studying practical analysis on internet may be just what you need to help you thru your internet studies.
Published 4 months ago by Phyllis A Anderson
4.0 out of 5 stars For reference or skill building
A useful guide for getting into packet analysis or if you just need a quick reminder to help you find that little-used filter or function.
Published 5 months ago by GoFigure
5.0 out of 5 stars It is a good book.
Not what I was looking for. Thought it would help with network stuff but not what I wanted. It may be good for others but not me.
Published 6 months ago by Darin D

More About the Author

Chris Sanders is an information security consultant, author, and researcher originally from Mayfield, Kentucky. That's thirty miles southwest of a little town called Possum Trot, forty miles southeast of a hole in the wall named Monkey's Eyebrow, and just north of a bend in the road that really is named Podunk.

Chris Sanders is the Threat Intel Operations Lead at Mandiant, a division of FireEye, where he leads a small group tasked with effectively using network threat intelligence to catch adversaries. He has extensive experience supporting multiple government and military agencies, as well as several Fortune 500 companies. In multiple roles with the US Department of Defense, Chris significantly helped to further the role of the Computer Network Defense Service Provider (CNDSP) model, and helped to create several NSM and intelligence tools currently being used to defend the interests of the nation.

Chris has authored several books and articles, including the international best seller "Practical Packet Analysis" from No Starch Press, currently in its second edition, and "Applied Network Security Monitoring" from Syngress. Chris currently holds several industry certifications, including the SANS GSE and CISSP distinctions.

In 2008, Chris founded the Rural Technology Fund. The RTF is a 501(c)(3) non-profit organization designed to provide scholarship opportunities to students from rural areas pursuing careers in computer technology. The organization also promotes technology advocacy in rural areas through various support programs. The RTF has provided thousands of dollars in scholarships and support to rural students.

When Chris isn't buried knee-deep in packets, he enjoys watching University of Kentucky Wildcat basketball, being a BBQ Pitmaster, amateur drone building, and spending time at the beach. Chris currently resides in Charleston, South Carolina with his wife Ellen.

Chris blogs at http://www.appliednsm.com and http://www.chrissanders.org. He is on Twitter as @chrissanders88.
