Author Chris Sanders, a security consultant and researcher, delivers an outstanding plain-language book that serves two purposes: teaching the reader about network architecture, and applying that knowledge for real-world network analysis using the open-source tool Wireshark.

I first encountered Wireshark when my job produced a need to analyze offline capture data from a vehicular data transponder.  Following that experience I had a rudimentary knowledge of Wireshark, but had no idea of the depth of tools and analysis it is capable of.  Chris Sanders begins the teaching process by going over network architecture and the Open Systems Interconnection (OSI) model, which I learned about in college but without retaining all the details.  The instruction includes real-world examples and shows how Wireshark can demonstrate some of the concepts.  As the reader progresses through the book, Sanders brings in practical examples of network analysis with Wireshark against popular services such as Twitter, Facebook, and a sports news network Web site.  The chapters on wireless protocols and attacking slow network problems can be helpful both for network professionals who want to solve network issues and for non-network-engineers (like me) who may want to do some basic troubleshooting in order to better know how to ask for help.

Sanders dedicates a chapter to network packet analysis for purposes of network security, going over some attack vectors and how to analyze traffic to see if victims may be on your network.

Overall this is a well-written book, and it is great that the tool of choice is open-source software that is available for many platforms.  If your job touches the area of network troubleshooting or packet analysis, this book should be on your shelf.

 

Cover of Practical Packet Analysis: Using Wireshark to Solve Real-World Network Problems by Chris Sanders

 
