‘Practical packet analysis: Using Wireshark to solve real-world network problems’ is a book written by Chris Sanders that aims to teach more about packet capturing and packet analysis using a open-source/free-to-use tool called Wireshark. This book is for beginners (with some knowledge in computer networking) and intermediate users (who know how to use Wireshark but don’t know about its advanced functions) who need deal with some sort of packet capture and analysis to understand what is going on in their networks and want to learn how to troubleshoot them.
Wireshark is available for all the three major operating systems (Windows, Linux and Mac) and this book guides the reader on how to install Wireshark in each of them. As a bonus, this book takes beginners through OSI networking model and network protocols in order to provide a solid basic foundation, before getting into complex network monitoring/packet analysis.
Purpose of this book/what you can learn through this book:
- What network sniffers are, why you need to sniff packets in your network, how to do it (in the context of Wireshark)
- Troubleshoot slow networks
- Find out and get rid of common network problems through packet analysis
- How to build custom filters to do specific analysis on your network
- Real-time network monitoring
- Visualize all the data traffic in your network through graphs and statistical reports
- Understand how Wireshark has been used by others and how it has been used in practical cases with examples (45 of them)
- How to install Wireshark and how to start using it
- How to decode http streams
- Wireless sniffing
- Security analysis (both for wired and wireless networks)
- Troubleshooting network congestions
- Troubleshooting security issues like ARP spoofing attacks, Man-in-the-middle attacks, Trojan horse attack, etc
- Best place to locate Wireshark analysis tool on the network
In short, the book ‘Practical pocket analysis: Using Wireshark to solve real-world network problems’ teaches you everything you wanted to know about Wireshark. It only helps that Wireshark is a powerful, popular and open-source free-to-use software that is trusted by many network administrators around the world. If you have not yet used Wireshark, maybe it is time to use it and this book will help you. The author/publishers even allow the reader to download some common packet capture files/filters from their site. A useful addition.
Since Wireshark has a nice GUI to work with and this book uses that GUI to explain almost everything, it is easier for beginners to understand this complex tool. However, this book is not for people who are already an expert in packet capture/analysis. This book is a practical guide on using Wireshark and is not a guide for getting Wireshark certification. There is another book that deals extensively with Wireshark certification. Also, analysis in the context of IPv6 is not covered extensively.
Where to buy: You can buy the hard bound version of this book (in US) or the Kindle version (at reduced price, to read on a Kindle or a web-browser) from this Amazon link.
You can follow the latest Computer Networking/IT Products released for homes/small businesses & reviews by subscribing to this blog with your email address in the top right-hand sidebar box: ‘Follow by E-mail’. You can expect one mail per week (max).