Have one to sell? Sell on Amazon
Flip to back Flip to front
Listen Playing... Paused   You're listening to a sample of the Audible audio edition.
Learn more
See all 2 images

Practical Packet Analysis: Using Wireshark to Solve Real-World Network Problems Paperback – May 23, 2007

ISBN-13: 978-1593271497 ISBN-10: 1593271492 Edition: 1st

21 New from $5.06 33 Used from $4.88
Amazon Price New from Used from
Paperback
"Please retry"
$5.06 $4.97

There is a newer edition of this item:

Amazon%20Web%20Services


Frequently Bought Together

Practical Packet Analysis: Using Wireshark to Solve Real-World Network Problems + Wireshark (R) 101: Essential Skills for Network Analysis (Wireshark Solutions)
Buy the selected items together

NO_CONTENT_IN_FEATURE

Shop the new tech.book(store)
New! Introducing the tech.book(store), a hub for Software Developers and Architects, Networking Administrators, TPMs, and other technology professionals to find highly-rated and highly-relevant career resources. Shop books on programming and big data, or read this week's blog posts by authors and thought-leaders in the tech industry. > Shop now

Product Details

  • Paperback: 192 pages
  • Publisher: No Starch Press; 1 edition (May 23, 2007)
  • Language: English
  • ISBN-10: 1593271492
  • ISBN-13: 978-1593271497
  • Product Dimensions: 9.2 x 7 x 0.6 inches
  • Shipping Weight: 12.6 ounces
  • Average Customer Review: 4.1 out of 5 stars  See all reviews (13 customer reviews)
  • Amazon Best Sellers Rank: #863,014 in Books (See Top 100 in Books)

Editorial Reviews

About the Author

Chris Sanders is currently the network administrator for a public school district in Kentucky. A Microsoft Certified Professional and Certified Wireless Network Administrator, he writes for WindowsNetwork.com, WindowsDevCenter.com, and maintains a blog at chrissanders.org. He is the author of Saving Money and Time with Virtual Server (O'Reilly Short Cut).

Customer Reviews

The points are clear and concise and the books stays interesting.
R. Lindfield
If I put a technical book back every time I saw a mistake that the proofer missed, I'd have empty shelves.
J. Cornell
I was looking for a book simple enough for me to follow regarding Wireshark.
L. Byrd

Most Helpful Customer Reviews

28 of 33 people found the following review helpful By Early Adopter on September 8, 2007
Format: Paperback
The conversational style of the book and the basic idea are very sound. Some of the information is well presented. So we'll start with 5 stars and see where we end up.

There are some typos and errors in the book (the Syn-Ack-Ack mentioned in two reviews is simply a typo in the diagram, the text on the same page correctly has it as Syn-Syn/Ack-Ack). Unfortunately, there are more serious errors than this, so there goes one star.

This is clearly a beginner's book, so some basic configuration explanations are needed to get Wireshark (and Cain and Able) set up properly. When the novice is presented with multiple network interfaces they can capture from, how do they decide which is the one to use? The author provides no help here, so the novice can do nothing but try each one in turn and see which one works. In my case, since I was using a notebook with a wireless connection, none of them worked in either program. Turning off promiscuous mode in Wireshark did the trick, but the author should have explained the need for that in the text. This book is about using these tools, so not explaining the basics is worth a star.

I downloaded the sample traces. The first one I tried: wrongdissector.dmp wasn't in the archive. An oversight perhaps? Let's try the next one in the text: suspectemployeechat.dmp. The content of this trace doesn't match the text all: the two individuals are chatting on a similar topic, perhaps, the contents of their conversation is complete different. There is no way to reconcile it with the text. Now we've moved from oversight to rubbish. Say goodbye to another star.

Final score: two stars out of five. If the publisher and/or their agents reads these reviews (they appear to have written some of them), please issue an errata and fix the download.
Comment Was this review helpful to you? Yes No Sending feedback...
Thank you for your feedback. If this review is inappropriate, please let us know.
Sorry, we failed to record your vote. Please try again
2 of 2 people found the following review helpful By Mike Cherry on August 17, 2009
Format: Paperback
While this book will give you a passable introduction to the technical aspects of packet analysis and WireShark, the goal is to introduce the reader to some practical uses of WireShark. It answers questions that the accidental, occasional or beginning user asks themselves. I do not fault the author for a few inaccuracies as almost every technical/boring tome has them if you stay awake long enough to come across them. Since this book is so short, it made an easy target for the trained professional reviewer to rip it to shreds. Oh well.

If you want serious, practical training in the use of WireShark, find out about the consummate expert in teaching this subject. Her name is Laura Chappell. Search the web for more info. She goes light years beyond any publication in print with on demand and live video seminars and training for the serious student. Chappell has numerous titles (10 or more) specific to this subject listed on Amazon.com.
Comment Was this review helpful to you? Yes No Sending feedback...
Thank you for your feedback. If this review is inappropriate, please let us know.
Sorry, we failed to record your vote. Please try again
2 of 2 people found the following review helpful By L. Byrd on June 8, 2011
Format: Paperback
I was looking for a book simple enough for me to follow regarding Wireshark.
After reading, I at least feel confidant enough that I can read a pcap file and make sense out of it.
If your a newbie to packet captures like I was, you will find this book very helpful.
Comment Was this review helpful to you? Yes No Sending feedback...
Thank you for your feedback. If this review is inappropriate, please let us know.
Sorry, we failed to record your vote. Please try again
8 of 11 people found the following review helpful By RP Faber on July 3, 2007
Format: Paperback
I bought also "Computer Networks: Internet Protocols in Action
by Jeanna Matthews". Both as reference books. See also my review on that.

Let's start by saying it's very annoying if you have to read other material or have some doubt about your own knowledge concerning specific topics and then afterwards it proved to be your understanding and assumptions WHERE RIGHT and the book presented something wrong like the three way TCP way handshake is not SYN - ACK - SYN, Richard Bejtlich mentioned. These are crucial aspects of protocol understanding, the main reason you would buy a book like this. Nevertheless some faults can be made and maybe in the next version of the book this is reviewed and solved.

Rob Faber [CISSP, CEH, MCSE]
Security Consultant
The Netherlands
Comment Was this review helpful to you? Yes No Sending feedback...
Thank you for your feedback. If this review is inappropriate, please let us know.
Sorry, we failed to record your vote. Please try again
3 of 4 people found the following review helpful By J. Cornell on December 31, 2008
Format: Paperback
Lately I have been reading reviews after I buy books just to see how they stack up, and this is no exception. I bought the book after checking it out at the book store and saw that there was good stuff in it. If you use Wireshark, or if you are learning it, you should have this book on your shelf period.
Chris Sanders not only does a great job of introducing you to the mindset of packet analysis, he shows a side of it that most of the people I interact with don't consider...the day to day administrator's needs for a way to diagnose network problems.

If you live the world of network monitoring and information security then this books works for you as well. The concepts are what is important and they are presented very well.

As to those who say there are too many things like the mis-representation of the three-way handshake I say Thanks for pointing it out to the novice among us. For the novice, now you know, so...buy the book anyway. If I put a technical book back every time I saw a mistake that the proofer missed, I'd have empty shelves.

Thanks Chris for taking a tough subject and making it much easier to digest.
Comment Was this review helpful to you? Yes No Sending feedback...
Thank you for your feedback. If this review is inappropriate, please let us know.
Sorry, we failed to record your vote. Please try again
3 of 4 people found the following review helpful By CollectedReader on March 4, 2009
Format: Paperback
As there aren't too many books out there on use of wireshark I found this book to be quite useful for people wanting to get their hands onto trying. I was looking for some books that would be good as a learning tool that I can throw to new members on my team and this book was roundly accepted, particularily the real world examples. By no means should this book be the only one on your shelf as there are many concepts that need to be delved into to really get a firm understanding. The book begins with a basic intro to general router concepts and hardware, it then goes into the functions of Wireshark. I found that this information could of been found on the Wireshark userguide or help file. It was basically a re-hash here so that space could of been better used providing more info about routers in general instead as a lot of the real world problems come from misconfigured routers or machines.

Overall after reading the book the reader should get a fair understanding of TCP/IP concepts and communication on a network and is a good jump off point onto more advanced books.
Comment Was this review helpful to you? Yes No Sending feedback...
Thank you for your feedback. If this review is inappropriate, please let us know.
Sorry, we failed to record your vote. Please try again

Most Recent Customer Reviews