NO STARCH PRESS
"the finest in geek entertainment"™

Practical Packet Analysis
Using Wireshark to Solve Real-World Network Problems
by Chris Sanders

May 2007, 172 pp.
$39.95 Paperback
$23.95 PDF
$47.95 PDF and Paperback
ISBN-10 1-59327-149-2
ISBN-13 978-1-59327-149-7

View a sample chapter, Chapter 6: Common Protocols

Download the sample capture files here: .zip [*]

It's easy enough to install Wireshark and begin capturing packets off the wire--or from the air. But how do you interpret those packets once you've captured them? And how can those packets help you to better understand what's going on under the hood of your network? Practical Packet Analysis shows how to use Wireshark to capture and then analyze packets as you take an in-depth look at real-world packet analysis and network troubleshooting. The way the pros do it.

Wireshark (derived from the Ethereal project) has become the world's most popular network sniffing application. But while Wireshark comes with documentation, there's not a whole lot of information to show you how to use it in real-world scenarios. Practical Packet Analysis shows you how to:

  • Use packet analysis to tackle common network problems, such as loss of connectivity, slow networks, malware infections, and more
  • Build customized capture and display filters
  • Tap into live network communication
  • Graph traffic patterns to visualize the data flowing across your network
  • Use advanced Wireshark features to understand confusing packets
  • Build statistics and reports to help you better explain technical network information to non-technical users

Because net-centric computing requires a deep understanding of network communication at the packet level, Practical Packet Analysis is a must-have for any network technician, administrator, or engineer troubleshooting network problems of any kind.

Technical review by Gerald Combs, creator of Wireshark


Chris Sanders is the network administrator for the Graves County Schools in Kentucky, where he manages more than 1,800 workstations, 20 servers, and a user base of nearly 5,000. His website, ChrisSanders.org, offers tutorials, guides, and technical commentary, including the very popular Packet School 101. He is also a staff writer for WindowsNetworking.com and WindowsDevCenter.com. He uses Wireshark for packet analysis almost daily.


* Because of their contents, the capture files in this zip file may set off false positives in your anti-virus program. To confirm that you have the files that Chris is using in his book, make sure that the zip file you downloaded has the following MD5 sum: 8d8ccf467ac54b0ff3c091c50bf5ff6d

A complete listing of the MD5 sums of individual files is available here


Copyright 2009 by No Starch Press