- File Size: 2895 KB
- Print Length: 192 pages
- Simultaneous Device Usage: Unlimited
- Publisher: No Starch Press; 1 edition (August 20, 2009)
- Publication Date: August 20, 2009
- Sold by: Amazon Digital Services LLC
- Language: English
- ASIN: B002N3M6RC
- Text-to-Speech: Enabled
- Word Wise: Not Enabled
- Lending: Not Enabled
Practical Packet Analysis Kindle Edition
More About the Author
Chris Sanders is the Threat Intel Operations Lead at Mandiant, a division of FireEye, where he leads a small group tasked with effectively using network threat intelligence to catch adversaries. He has extensive experience supporting multiple government and military agencies, as well as several Fortune 500 companies. In multiple roles with the US Department of Defense, Chris significantly helped to further the role of the Computer Network Defense Service Provider (CNDSP) model, and helped to create several NSM and intelligence tools currently being used to defend the interests of the nation.
Chris has authored several books and articles, including the international best seller "Practical Packet Analysis" from No Starch Press, currently in its second edition, and "Applied Network Security Monitoring" from Syngress. Chris currently holds several industry certifications, including the SANS GSE and CISSP distinctions.
In 2008, Chris founded the Rural Technology Fund. The RTF is a 501(c)(3) non-profit organization designed to provide scholarship opportunities to students from rural areas pursuing careers in computer technology. The organization also promotes technology advocacy in rural areas through various support programs. The RTF has provided thousands of dollars in scholarships and support to rural students.
When Chris isn't buried knee-deep in packets, he enjoys watching University of Kentucky Wildcat basketball, being a BBQ Pitmaster, amateur drone building, and spending time at the beach. Chris currently resides in Charleston, South Carolina with his wife Ellen.
Chris blogs at http://www.appliednsm.com and http://www.chrissanders.org. He is on Twitter as @chrissanders88.
Top Customer Reviews
This book is written for people who have little to no experience with packet analysis. It is also a good read for those who might have been out of the packet analysis game for a little while and need a quick read to brush up the skill-set. The book is well written and Sanders does an excellent job explaining things in a manner that is well understood. He eases the reader into explanations by going from layman to more technical jargon. The examples in the book match the title, they are practical and likely to be experienced in the real world. I would highly recommend this book to those who have little to no experience with packet analysis and are looking for a solid book to help them understand what many of the other books tend to explain in a lofty manner.
There are odd faults (for example, there's a diagram showing a Cisco router, except it's not). There are also some colloquialisms (such as when the author says "Why have chicken when you can have steak?"). And I was disappointed that IPv6 wasn't really covered at all.
If you're experienced with packet analysis and want to learn Wireshark, this book is good for you. If you're a beginner at packet analysis this book is also good.
Wireshark is a free, open-source tool that allows you to capture and analyze network traffic. With the communication captured, you can then easily tell it to filter on certain protocols, making reading the packet info much easier than it is in LoadRunner.
This book starts at ground level, assuming no user experience with packet analysis and/or packet sniffers. It can basically be divided into four sections.
The first covers packet analysis and network basics, and gives a nice overview of the OSI model.
The second covers Wireshark's basic and advanced features.
The next covers common protocols like ARP, TCP and HTTP, and in the last section, the author ties it all together with real world examples using familiar sites like Facebook and ESPN, while explaining how to troubleshoot common network issues.
I like the hands-on approach the writer uses throughout the book. He clearly explains everything in a clear, concise manner. I also appreciated the fact that the author uses packet capture files in each example that can be downloaded and opened in Wireshark in order to follow along. I was able to follow all of the examples without any confusion -- which is kind of a big deal, since packet analysis at this level is a new subject for me. Well done!
The author also compares Wireshark (the selected sniffing tool) to some of the others, and clearly explains why he made the choice to use Wireshark. Time is spent familiarizing the reader with using Wireshark, covering installation and usage. The author also discusses how to write filters for capturing and displaying, which is essential to properly use the tool to wade through all the clutter. Finally, the packets that are typically found on a network are discussed and analyzed. The author points out many useful things that can be discovered by zeroing in on things like client/server latency (at different points throughout the TCP handshake), DNS abnormalities, and strange packets.
Also, security implications and intrusion detection are discussed, which I found to be extremely informative for the typical network administrator. Finally, some real world scenarios are presented, at which point we examine real life packets to determine the cause of the network problems. This exercise was very helpful to tie in the previous knowledge with a practical hands-on approach. Also much appreciated were the example packets.
Most Recent Customer Reviews
This arrived in good condition and the process saved me money. Published 1 day ago by Amazon Customer
Great book with excellent examples and clear explanations. Published 2 months ago by Amazon Customer
Really a solid read and provides insight into what can be obtained and how to go about packet analysis. Published 6 months ago by Wayne Wheeles
Clear explanations, examples for you to follow along. Includes packet captures you can download and examine with Wireshark. Published 8 months ago by Kevin