Customer Reviews


30 Reviews
5 star: (21)
4 star: (7)
3 star: (1)
2 star: (0)
1 star: (1)
 
 
 
 
 
 
 

The most helpful favorable review
The most helpful critical review


41 of 43 people found the following review helpful
5.0 out of 5 stars Excellent book with material beyond Wireshark
I was a little nervous when I started reading this book. Chapter 1 provided an overview of network analysis, but had a lot of "personality." When I read, "Wait...more data is coming in...and more...and...SCREECH!" I wasn't too sure if I was going to finish the book. At over 700 pages, I was hoping that each page contained only "meat and potatoes," without a lot of dry...
Published on April 9, 2010 by M. Christodonte II

versus
17 of 18 people found the following review helpful
1.0 out of 5 stars Really disappointed
Frankly, this is one of the biggest disappointments I've purchased in a while.

First, let me say, I have not finished the book yet, so I'll update this later if anything changes... In fact I am writing this review as a warning to anyone thinking of buying this book. Unless you are an absolute beginner, I promise, you will be thoroughly disappointed, especially...
Published on October 27, 2011 by Mike G.



41 of 43 people found the following review helpful
5.0 out of 5 stars Excellent book with material beyond Wireshark, April 9, 2010
This review is from: Wireshark Network Analysis: The Official Wireshark Certified Network Analyst Study Guide (Paperback)
I was a little nervous when I started reading this book. Chapter 1 provided an overview of network analysis, but had a lot of "personality." When I read, "Wait...more data is coming in...and more...and...SCREECH!" I wasn't too sure if I was going to finish the book. At over 700 pages, I was hoping that each page contained only "meat and potatoes," without a lot of dry humor and meaningless analogies. Thankfully, a few pages later I began what turned into a great read -- full of solid content.

Wireshark Network Analysis goes well beyond Wireshark functionality. Although the first several chapters outline how to best use Wireshark -- examining the settings, filters, and other configurations -- I think the true value of the book is in the detailed explanations of network traffic analysis. For instance, pg. 304 delves into DNS. This section tells the reader exactly what DNS is used for and provides an analysis of normal and abnormal DNS traffic. It also shows screenshots of the packet, displays and describes its contents. This type of analysis is provided throughout the book and covers all forms of network traffic (including suspect traffic -- my personal favorite).

Page 563 resonated with me, as I'm a firm believer in baselining network traffic. In this section, Wireshark Network Analysis details the importance of baselining and the types of traffic to focus on. Like other sections, this section also provides screenshots and shows how to analyze traffic and packet statistics.

There were minimal grammar errors, and it does seem like the case studies were not tech edited by the book editor -- many of them contained several grammar mistakes. Although, it does appear that the case studies were all submitted by third parties and probably used as-is. Nevertheless, I can provide plenty of other examples as to why Wireshark Network Analysis is a great book. There are plenty of screenshots, review questions with answers on the next page (instead of making the reader turn to the back of the book), and links to tons of packet captures for analyzing on your own. Overall, the book is well-written and, in my opinion, the best network analysis book on the market today.


21 of 23 people found the following review helpful
5.0 out of 5 stars Best introductory book on Wireshark available today, August 5, 2010
Wireshark Network Analysis (WNA) is a very practical, thorough, comprehensive introduction to Wireshark, written in an engaging style and produced in a professional manner. WNA provides a variety of methods for teaching network analysis with Wireshark, including description, screen shots, user-supplied case studies, review questions (with answers), "practice what you've learned" sections, and dozens of network traces (available online). Readers who approach the book as more of a class in printed (text) and electronic (trace file) forms will likely understand the higher-than-normal price tag. Anyone trying to learn how to use Wireshark, including basic protocol analysis, will greatly benefit by reading WNA.

WNA will not bore you. Author Laura Chappell offers one of the more lively writing styles you're likely to find in technical books, reminiscent of Michael W. Lucas. The book is expertly organized, starting with multiple chapters explaining Wireshark, followed by sections on common protocols and concluding with other uses and applications. WNA provides plenty of coverage on configuration, customization, and profiles which I have not seen addressed elsewhere.

I've been using Wireshark (previously Ethereal) for at least 10 years, and I still found a few cool tips by reading WNA. These included right click -> Apply As Column, right click -> Filter Field Reference, right click -> Colorize Conversation, Display Filter auto-completion, Display Filter Macros, Mark Packet with ctrl-M, and Ignore Packet with ctrl-X. I also learned that applying a display filter to Tshark (via -R) does NOT change the packets saved to disk -- only those counted or displayed on screen. I liked the chapters on WLAN and VoIP analysis, 26 and 27 respectively.

I only have a few caveats for WNA. First, the book doesn't talk about how to extend Wireshark. It doesn't explain how protocol dissectors work, or how to use the Lua programming language with Wireshark. The chapter on network forensics (ch 30) doesn't say much about the subject. I would have liked examples of using Rawshark in chapter 33.

I also appreciate that WNA offers an online errata so readers can identify any typos. For example, I expect to see an issue I found with Figure 200 on p 378 to appear soon; basically some of the TCP sequence numbers need to be adjusted. Also on p 452, "Referrer" should be the misspelled but accurate Referer.

I have recommended all my junior analysts read WNA. They will learn a ton about Wireshark, and will also be able to follow Laura's explanations of many common network protocols. We may even pursue the certification tied to the book. Great work Laura!


17 of 18 people found the following review helpful
1.0 out of 5 stars Really disappointed, October 27, 2011
Verified Purchase
Frankly, this is one of the biggest disappointments I've purchased in a while.

First, let me say, I have not finished the book yet, so I'll update this later if anything changes... In fact I am writing this review as a warning to anyone thinking of buying this book. Unless you are an absolute beginner, I promise, you will be thoroughly disappointed, especially considering the price tag!!!

My Complaints:
1) The chapters that describe networking are downright careless with the use of the term "packet". As any network engineer worth their weight in salt knows, frame->packet->segment (i.e. layer 2 MAC frame, Layer 3 source & dest IP packet, and Layer 4 source & dest Port). This author carelessly jumbles all this up in various places generically calling it a packet. Okay, you say, well this is not an intro networking book and the author discloses that and provides good references... Well, in my opinion, this author should either remove the first few chapters or rewrite them correctly.

2) All of the case studies I have read so far (btw: I heard they were "really good", and are the primary reason I bought the book) are poorly explained... The author explains the symptom, then says they used Wireshark to fix the problem. Huh? Well that's just great, what the heck did you do, I want screenshots, and step-by-step details. Otherwise it's just some worthless story.

3) Chapters 2-4+ repeatedly reference free online material... like user guide stuff. These chapters talk about stuff like menus and user interface stuff... why is it even in the book if it's free online... Some might think it is necessary, but to me it is just filler.

Currently, I'm on chapter 14...
Sorry, at this point I cannot recommend any good alternatives...I'll keep looking.

Honestly, I've learned more about Wireshark looking at free online videos and reading the online documentation.
That's it for now, I'll be back


9 of 9 people found the following review helpful
5.0 out of 5 stars Hands down the best network analysis book to date., June 13, 2010
By Dan (Calgary, AB Canada) (REAL NAME)
I saw this book in the Tech Ed 2010 book store the day before Laura's session and thought $99 - you've got to be kidding! After seeing her present in her first session, my opinion changed completely and I rushed (along with many other attendees at the session) directly to the bookstore down the hall to grab a copy.

Needless to say the book sold out immediately and I was lucky to have obtained one.

I have been in the Networking industry for close to 20 years, and Laura has the unique ability to make this material understandable and accessible for anyone that has basic network knowledge. Coupled with her sense of humor, it enables one to tackle this esoteric topic and even enjoy it along the way.

This book has enabled me to "fill in the gaps" in my network analysis skill set and I look forward to referring to it for a long time to come.

Great job Laura, I look forward to seeing more material from you in the future!


12 of 14 people found the following review helpful
4.0 out of 5 stars Excellent Resource, April 14, 2010
By Parentsof4 (South East Michigan, United States)
Verified Purchase
A thorough knowledge of TCP/IP and a packet-level understanding of network traffic is essential for any Network Administrator or Engineer. If you take your time and work along with the material in this book, you should be able to troubleshoot difficult and hard to diagnose network issues. No matter what the device is, a firewall, load balancer, server or router, it all comes down to packets on the wire. My only issue is that for $99 I would have expected a hardback or at least color, otherwise this would have easily been 5 stars.


10 of 12 people found the following review helpful
5.0 out of 5 stars excellent resource, May 14, 2010
Verified Purchase
As a Network Forensic Analyst I spend all day sniffing packets, isolating and correcting network issues. I grabbed this book immediately because even though I've used other sniffers, and am sniffer certified, I use Wireshark all the time. This book has been an EXCELLENT resource! It's divided up by protocol making it very easy to follow with Great Case Studies which provide insight into problems you might also be having. Because of how it's written, it's great for beginning sniffers (as long as you have a good handle on the TCP/IP OSI model), and for experts as a resource to look up methods and technical info.
Bonus, if you read the notes at the bottom of the pages, and sometimes in the main text, you will find subtle humor which has made me laugh a few times. This is a fresh approach to an otherwise tedious task in writing a technical type manual. I've also attended Laura's webinars, which are also enlightening as Laura is a really enthusiastic and fun teacher.

Laura, GREAT JOB!!!

John


3 of 3 people found the following review helpful
4.0 out of 5 stars One of the best networking books I've read, November 7, 2010
By docrice (Bay Area, CA)
Verified Purchase
The first time I saw Laura Chappell was at the first Sharkfest conference. Her class instruction on protocols and analysis was outstanding, and this book provides the same down-to-earth / enjoyable experience in understanding not just Wireshark as a troubleshooting tool, but also how common protocols function as well as approaching different troubleshooting scenarios to find the source(s) of networking problems. I've been using Wireshark since it was called Ethereal years ago and this book still filled in quite a few knowledge gaps.

There are many networking books on the market, including your usual vendor-specific certification titles. Wireshark Network Analysis provides a practical way to dive into the sometimes-mysterious world of packets, headers, and communication patterns which other books don't cover. Many engineers know which buttons to push for device configuration, but lack a strong understanding of how protocols work. This book starts you on that journey with plenty of foundation material and then some.

I didn't give the book five stars due to the occasional grammar and technical errors that numbered a little too frequently for my taste (which are corrected in the errata), but overall I think it's very close. I got my WCNA certification shortly after going through this book.


3 of 3 people found the following review helpful
5.0 out of 5 stars Can put the book down., April 28, 2010
What a refreshing approach to network analysis. I have been to one of Laura's two day seminars and reading this book is like having Laura right here in the room. Great book indeed. This will guide a novice with a basic understanding to being proficient at understanding packet communication. I recommend to anyone in the network administration field.


3 of 3 people found the following review helpful
3.0 out of 5 stars WRITTEN FOR CERTIFICATION - NOT A REFERENCE BOOK, April 16, 2012
Verified Purchase
I read so many positive reviews that I thought it worth the 90.00 bucks. This book is written for anyone who is interested in becoming Wireshark certified in 2010 and not a Wireshark reference.

Wireshark is a great program and tries to keep current with emerging technologies. The book doesn't, NEEDS UPDATING. It would be nice to have a download addendum for registered book owners. "This is not on the test, but it is a gotcha." Checked web site, didn't find update.

I rated the book on the content and this is an observation. This would be helpful for newbies, it is hard to read a chapter on colors if the material is black and white.


3 of 3 people found the following review helpful
4.0 out of 5 stars Like the Missing Manual Series, March 16, 2012
Verified Purchase
David Pogue should have granted Laura the money for this book and published it cheaper, because they both think alike in some ways. I'm going to bet they've either met before, and am sure they are aware of each other. This book is a bit pricey (drawing back one star), but you have to grasp the expertise involved. Laura has been in the "sniffing" business for quite some time. You will never meet another person so enthusiastic about Network Sniffing and such as Laura.

With that said, Wireshark is free. The competition is VERY expensive. What you get here is a way to appreciate the full benefits of such a powerful, but free piece of software. For the price of this book, you get the most out of Wireshark, and that's still amazingly inexpensive, should you consider the price of OmniPeek, NAI (Sniffer Pro), or even the super-incredibly, ridiculously, ludicrously, bloated-ly, and absurdly high priced OPNET Ace Analyst!

So, after having gone through this book, to some, it may seem fairly basic. I disagree to an extent. It's basic if you "believe" you are an expert, and if you've resolved a lot of common issues with sniffers. However, buried in this text are a few key gems that can easily be overlooked, but could save you time and sweat, trying to troubleshoot a nasty network issue, only to find out 3 hours later, it wasn't a network issue at all. Laura's tips and tricks are quite valuable. Pick them out and put them to use. You'll see!

Also, if you are looking to be certified, this is a VERY good start, and the money you can make troubleshooting tricky networked issues will pay for it. Or you will have a nice feather-in-your-cap résumé knowing you can dissect issues quickly and within minutes.

As far as readability, it's easy to follow. I don't believe I came across any real text (other than a minor typo or two) that misled me, or confused me. It's well written, and if you keep to the outline, you will see just how it fits a good learning ethic.

