Customer Reviews


60 Reviews
5 star: (38)
4 star: (18)
3 star: (2)
2 star: (2)
1 star: (0)
 
 
 
 
 
 
 

The most helpful favorable review
The most helpful critical review


41 of 41 people found the following review helpful
5.0 out of 5 stars This book does exactly what it's written for. It's practical!
First of all if you consider yourself an expert in packet analysis don't read this book to learn advanced techniques in packet analysis. Instead read this book as a teaching tool to help better explain packet analysis to others. I found myself reading this book and going "hey I wish someone would have explained it to me that way when I started" and "why didn't I explain...
Published on July 4, 2011 by Bryon Hundley

versus
9 of 12 people found the following review helpful
3.0 out of 5 stars Shortcut for Beginners
Author Chris Sanders is a computer security consultant, currently working for the US Gov. He is CISSP certified, & blogs at ChrisSanders.org.

The author admits "nothing beats real-world experience", but argues "the closest you can come to that experience in a book is through practical examples of packet analysis with real-world scenarios"...
Published on July 23, 2011 by @BriMcS



41 of 41 people found the following review helpful
5.0 out of 5 stars This book does exactly what it's written for. It's practical!, July 4, 2011
This review is from: Practical Packet Analysis: Using Wireshark to Solve Real-World Network Problems (Paperback)
First of all if you consider yourself an expert in packet analysis don't read this book to learn advanced techniques in packet analysis. Instead read this book as a teaching tool to help better explain packet analysis to others. I found myself reading this book and going "hey I wish someone would have explained it to me that way when I started" and "why didn't I explain it that way."
This book is written for people who have little to no experience with packet analysis. It is also a good read for those who might have been out of the packet analysis game for a little while and need a quick read to brush up the skill-set. The book is well written and Sanders does an excellent job explaining things in a manner that is well understood. He eases the reader into explanations by going from layman to more technical jargon. The examples in the book match the title, they are practical and likely to be experienced in the real world. I would highly recommend this book to those who have little to no experience with packet analysis and are looking for a solid book to help them understand what many of the other books tend to explain in a lofty manner.


17 of 17 people found the following review helpful
5.0 out of 5 stars Very useful if you're starting out with Wireshark, July 31, 2011
This review is from: Practical Packet Analysis: Using Wireshark to Solve Real-World Network Problems (Paperback)
Firstly, this is mostly a book about using the Wireshark protocol analyzer tool and secondly a book about packet analysis (in the sense that it does not have space to cover in detail all the sorts of protocol problems someone is likely to encounter). Nevertheless, it's a good book and I'd recommend it to anyone who's beginner to middling with Wireshark. It does a good job of explaining the use of Wireshark and in particular the various configuration options.

There are odd faults (for example, there's a diagram showing a Cisco router, except it's not). There are also some colloquialisms (such as when the author says "Why have chicken when you can have steak?"). And I was disappointed that IPv6 wasn't really covered at all.

If you're experienced with packet analysis and want to learn Wireshark, this book is good for you. If you're a beginner at packet analysis this book is also good.


13 of 13 people found the following review helpful
4.0 out of 5 stars "Practical Packet Analysis - Using Wireshark to Solve Real-World Network Problems" by Chris Sanders; No Starch Press., July 31, 2011
This review is from: Practical Packet Analysis: Using Wireshark to Solve Real-World Network Problems (Paperback)
If you have done any type of performance testing, you've inevitably come across an application or two that could not be scripted using standard protocols in a performance test tool like LoadRunner. The LoadRunner protocol of last resort -- when no other protocol will work -- is called Winsock, and it can be pretty nasty to debug. That's the main reason I picked up this book.

Wireshark is a free, open-source tool that allows you to capture and analyze network traffic. With the communication captured, you can then easily tell it to filter on certain protocols, making reading the packet info much easier than it is in LoadRunner.

This book starts at ground level, assuming no user experience with packet analysis and/or packet sniffers. It can basically be divided into four sections.

The first covers packet analysis and network basics, and gives a nice overview of the OSI model.
The second covers Wireshark's basic and advanced features.
The next covers common protocols like ARP, TCP and HTTP,
and in the last section, the author ties it all together with real world examples using familiar sites like Facebook and ESPN, while explaining how to troubleshoot common network issues.

I like the hands-on approach the writer uses throughout the book. He clearly explains everything in a clear, concise manner. I also appreciated the fact that the author uses packet capture files in each example that can be downloaded and opened in Wireshark in order to follow along. I was able to follow all of the examples without any confusion -- which is kind of a big deal, since packet analysis at this level is a new subject for me. Well done!

=JoeColantonio
@JoeColantonio.Com


10 of 10 people found the following review helpful
5.0 out of 5 stars A Concise But Thorough Guide To Understanding The Packets on Your Network, February 11, 2012
Verified Purchase
This review is from: Practical Packet Analysis: Using Wireshark to Solve Real-World Network Problems (Paperback)
The book starts out with some requisite background knowledge about networking needed to understand the packets that will be analyzed. This will not make you a networking expert, but it is very informative for the newcomer and a great refresher for the oldies. After learning about the basics of networking and comparing layer 1, 2, and 3 devices, the book explains techniques for successfully sniffing traffic. The author does not steer clear of the valuable (but sometimes controversial) ARP Cache Poisoning and flood attacks that frequently work for sniffing through a switch.

The author also compares Wireshark (the selected sniffing tool) to some of the others, and clearly explains why he made the choice to use Wireshark. Time is spent familiarizing the reader with using Wireshark, covering installation and usage. The author also discusses how to write filters for capturing and displaying, which is essential to properly use the tool to wade through all the clutter. Finally, the packets that are typically found on a network are discussed and analyzed. The author points out many useful things that can be discovered by zeroing in on things like client/server latency (at different points throughout the TCP handshake), DNS abnormalities, and strange packets.

Also security implications and intrusion detection are discussed, which I found to be extremely informative for the typical network administrator. Finally some real world scenarios are presented, at which point we examine real life packets to determine the cause of the network problems. This exercise was very helpful to tie in the previous knowledge with a practical hands on approach. Also much appreciated were the example packets. The author provides capture files that can be downloaded from his web site that allow you to follow along easily without requiring you to sniff the packets yourself. Screenshots are provided for those who don't have access to a computer with Wireshark installed, so it is easy to follow along regardless of your situation.

A very logical and easy to follow flow, mixed with excellent writing style make this a must read for any administrator. It is not a massive esoteric tome like a lot of the other books in its class, which makes it an excellent choice. Highly recommended!


6 of 6 people found the following review helpful
5.0 out of 5 stars Outstanding book!, November 10, 2012
By Ken Pryor (Robinson, IL)
This review is from: Practical Packet Analysis: Using Wireshark to Solve Real-World Network Problems (Paperback)
After reading this book, I have a much better understanding of the capabilities of Wireshark, but I really learned so much more. The author does a great job introducing the reader to basic networking concepts, such as the OSI model, data encapsulation, ports, MAC and IP addresses and so on. Chris Sanders does an excellent job teaching the basics and moving on from there in a way that even those very new to the material can keep up.

Networking has always been something I've known just a little about, but I've never been anywhere close to an expert. While I knew about setting up a basic Windows network, that was about it. I took SANS Network Forensics (FOR 558) last year, which uses Wireshark some and learned a lot. Looking back, I can see how much better off I would have been had I read Practical Packet Analysis before the class. So much of what was discussed in class is covered in PPA in clear, concise explanations that would have made it easier for me when I took the forensics course.

This really is one of the best tech books I've ever read. I don't say that lightly, as I've read many good IT and computer forensics books. It is well written and easy to follow. The author has .pcap files available for download from the publisher website so the reader can follow along with the examples in the book. To me, this made learning the material that much easier, allowing me to see first hand what was being taught.

Another thing I like about this and other books from the publisher, No Starch Press, are the graphics. Screenshots of computer screens are often very difficult to make out in other publishers' books, but I've noticed in all of my No Starch books they are easy to see.

Practical Packet Analysis is a must-read for anyone wanting to learn how to sniff and analyze packets. Highly recommended!


4 of 4 people found the following review helpful
5.0 out of 5 stars Well-written book on network analysis with free tools, February 27, 2012
This review is from: Practical Packet Analysis: Using Wireshark to Solve Real-World Network Problems (Paperback)
Author Chris Sanders, a security consultant and researcher, delivers an outstanding plain-language book that serves two purposes: teaching the reader about network architecture, and applying that knowledge for real-world network analysis using the open-source tool Wireshark.

I first encountered Wireshark when my job produced a need to analyze offline capture data from a vehicular data transponder. Following that experience I had a rudimentary knowledge of Wireshark, but had no idea of the depth of tools and analysis the tool is capable of. Chris Sanders begins the teaching process by going over network architecture and the Open Systems Interconnection (OSI) model, which I learned about in college but didn't retain all the details. The instruction includes real-world examples and shows how Wireshark can demonstrate some of the concepts. As the reader progresses through the book, Sanders brings in practical examples of network analysis with Wireshark against popular services such as Twitter, Facebook, and a sports news network Web site. Helpful chapters on wireless protocols and attacking slow network problems can be helpful for both network professionals who want to solve network issues and non-network-engineers (like me) who may want to do some basic troubleshooting in order to better know how to ask for help.

Sanders dedicates a chapter to network packet analysis for purposes of network security, going over some attack vectors and how to analyze traffic to see if victims may be on your network.

Overall this is a well-written book, and it is great that the tool of choice is open-source software that is available for many platforms. If your job touches the area of network troubleshooting or packet analysis, this book should be on your shelf.


3 of 3 people found the following review helpful
5.0 out of 5 stars Practical Packet Analysis: Using Wireshark to Solve Real-World Network Problems, July 28, 2012
By Ron G (Huntersville, NC, United States)
Verified Purchase
This review is from: Practical Packet Analysis: Using Wireshark to Solve Real-World Network Problems (Paperback)
Several things about this book struck me as being intensely interesting and useful: the "under the hood" information about packets and the practical "how to" of Wireshark. In the course of studying for my CCNA I attended "Cisco boot camps," read several CCNA prep books and read many, many articles from the Cisco Academy. For me, being thickheaded, "Practical Packet Analysis: Using Wireshark to Solve Real-World Network Problems" bridged the gap between theory and the practical. I especially appreciated the heavy emphasis on Wireshark. It was an immense help to understanding a tool that can be overwhelming. Nice job Chris.


3 of 3 people found the following review helpful
5.0 out of 5 stars Didn't know WireShark had so many uses, May 8, 2012
Verified Purchase
This review is from: Practical Packet Analysis: Using Wireshark to Solve Real-World Network Problems (Paperback)
WireShark is a tool that most of us in the IT world know and have used at least once. This book takes the use of this tool to new levels. There are some uses that I had to question and there are some that are amazing. The book covers many different and real world scenarios that can be used as a building block for other purposes. In the beginning of the book, I found myself somewhat bored with the material, but towards the middle and end I very much enjoyed realizing how much more I could use WireShark for troubleshooting and saving time. I highly recommend this book for those who use wireshark, and those who troubleshoot both network and server/workstation related problems.


3 of 3 people found the following review helpful
4.0 out of 5 stars If you downloaded Wireshark and you're feeling overwhelmed - this is the book for you., November 18, 2011
This review is from: Practical Packet Analysis: Using Wireshark to Solve Real-World Network Problems (Paperback)
This book can be used as an introduction (or re-introduction) to Wireshark and packet analysis. The author does an excellent job of describing the user interface and capabilities of Wireshark and how to apply the tool in everyday problem solving.

All the basics are covered from where to place the computer for the capture and the different methods for tapping the wire to be able to analyze the traffic in question. The protocols covered are the basics including ARP, TCP, UDP and upper layer DHCP, DNS, HTTP. A good review of the OSI model and what layers to focus on. The author does a good job of explaining what functions at each layer and the dependencies and interaction of other layers.

One target audience for this title would be server administrators. Technicians that are familiar with networking, the OSI model and network packets in general but may not understand how it all fits together or how to troubleshoot when things go wrong. The author presents the steps of various packet analysis scenarios and clearly illustrates them. He even makes the packet capture files available for download so the reader can walk through the steps while learning the Wireshark user interface. This book is in part a narrative and reference with links to further reading and other useful tools.

If you have downloaded Wireshark and are overwhelmed by the interface or lack the knowledge of where to start looking for potential problems, this is the book for you.


3 of 3 people found the following review helpful
4.0 out of 5 stars Ideal for the busy IT administrator, October 10, 2011
This review is from: Practical Packet Analysis: Using Wireshark to Solve Real-World Network Problems (Paperback)
No Starch Press sent me Practical Packet Analysis, 2ed a little while back. At about 250 pages it's a lot smaller than Chappell's "Wireshark Network Analysis", and more appropriate for someone who wants to get up and running quickly rather than going for a certification.

The book assumes no knowledge of Wireshark, and a basic understanding of networking. More than half the book is devoted to teaching the Wireshark interface and how the popular protocols work. So, if you don't know anything about DNS recursion, you'll get a taste of it here along with what it looks like in Wireshark. The first half covers everything from filtering inside Wireshark to how different protocols work.

The second half of the book follows fairly typical examples, such as decoding HTTP streams and troubleshooting the causes of network congestion. Of special interest is Chapter 10, which is about using Wireshark for security analysis. This chapter is merely an introduction to a huge topic, but the author has chosen some interesting examples such as an ARP poisoning attack and analysis of a trojan horse.

One theme the author continually comes back to is appropriate placement of the analysis tool. The early chapters discuss the matter in theory, and every example in the second half has some text that analyzes the options for where to use Wireshark and where the best spot is.

Some of the highlights of the book:

A great discussion of TCP congestion and analysis of a congestion scenario
A good tradeoff between depth and breadth. This is a "getting started" guide.
Uses many of the features of Wireshark in a practical context
A good, though basic, chapter about wireless sniffing

Some of the downsides:

No IPv6 (other than a brief mention of a host filter)
Would have liked to see more use about IO graphs and TCP stream graphs especially when talking about congestion.

On the whole, a great book for the IT administrator who wants to quickly get started using Wireshark. Cover price is $49.95 US, Amazon.com is showing it for $30 which is a bargain.

