Book review: Practical Packet Analysis: Using Wireshark to Solve Real-World Network Problems by Chris Sanders

Knowing what information is traveling across your network is what keeps you out of trouble. Are there unknown hosts chatting away with each other? Is my machine talking to strangers? You need a packet sniffer to really find the answers to these questions. Wireshark is one of the best tools to do this job and this book is one of the best ways to learn about that tool. Chris Sanders, the author of this handy book, brings you the information cleanly and clearly. His style is to show you—to walk you through exactly what to do. This method works well and the book is quite readable.

The book’s cover

I’ve been using Wireshark, formerly Ethereal, for many years. My first impression of this book is that there is an awful lot of networking background material provided. But as I started to dig more deeply, I found out that this background material taught me a few things too. There are many ways to approach a problem and the author showed me some fresh ways. I also remembered that many folks will be using this tool for the very first time and it started to look a little more balanced. The author brings the reader along at a good pace and I found myself learning new tips quickly. He explains different physical network layouts and how to best use Wireshark in each one. This information alone will be valuable to the new user, but there is much more contained in these pages.

“Practical Packet Analysis shows how to use Wireshark to capture and then analyze packets...”

The contents

The book is not thick or heavy, nor does it need to be. With only 216 pages total, measuring 7 x 9.25 inches (18 x 23.5 cm), it’s easy to slip the book into a desk drawer and keep it close by. No Starch Press used RepKover for this book as well. RepKover allows you to lay the book flat and have it stay that way. This feature keeps you from having to wedge the book under the lip of a keyboard to keep your pages turned. When you’ve had to use a few books to troubleshoot something under pressure or in a crisis situation, you really start to appreciate this little feature. The book takes you through network basics, tapping into the wires, capturing packets, and points out some common protocols. You’ll want to keep this book open too; the practical examples are excellent. Following the examples will not only teach you about the tool but may also solve some immediate problems on your network. The reader is shown some typical network slowdown issues and how to perform a security analysis. A good section on wireless is also included.

Who’s this book for?

This book is aimed at those who need to know how to perform packet analysis right now. Whether you are simply looking to understand how your machine “talks” with a website, debug the behavior of a new network device, troubleshoot your new network application or perhaps perform a security check, this book is going to have something to help you. As the title states, this is a “practical” book and it will tell you how to get the job done. Let me correct that: it will show you how to get the job done.

Relevance to free software

This book is all about free software. Wireshark is released under the GNU General Public License. The software will run on Windows, Mac OS X, and certainly on GNU/Linux. Installation is addressed for these three operating systems. Packages are available for most operating systems and you always have access to the source code as well. Most importantly though, this book will help you open up what is typically a closed system—the wire itself. Users who equate information with freedom will want to grab this book and see what’s happening on those wires.

“Wireshark has become the world’s most popular network sniffing application.”

Pros

You should buy this book because you need to know what is happening on your network. Just for fun, start up Wireshark and then load your favorite website. I dare say you’ll be surprised at just how much network traffic is generated by a typical website. Take a look at the DNS traffic and you might even be surprised at who is generating it. If you are responsible for the security or performance of your network and have not been using this tool yet, now is the time to get started. Even if you have been using this tool for years, this book has some tips to help you pull useful information from raw data even faster.

Cons

It has been said that ignorance is bliss. Knowing what sort of data is traveling about on your network may be a bit of a shock and might destroy that blissful feeling.

Title: Practical Packet Analysis
Author: Chris Sanders
Publisher: No Starch Press
ISBN: 1593271492
Year: 2007
Pages: 216
CD included: Yes/No
FS Oriented: 10
Overall score: 10

Comments

Submitted by clievers on

Sounds good. I've been curious at times the information flowing down the pipes. This sounds like a good book to try and figure some of that stuff out.
Thanks for the review.

------
let's all play nice!

Submitted by Anonymous visitor (not verified) on

This is a great book. It's small enough that you can give it a quick read while on an airplane, then go back and play with the examples when you are in front of a computer. I had very little experience with packet analysis before reading this book, and by no means am I a master at it now, but I do feel I understand enough to know what traffic is moving on my network. I would give this book 4 stars; it was great.

Submitted by dmflad on

I really NEED this book. I love books that explain things with real usable examples. I have been thinking of using WireShark to do security checks on a new web app and its servers. As always, it seems I am trying to learn and use software at the same time, so walk-thru examples are always a plus.

Author information

Brian Turner

Biography

After 18 years supporting communication networks, satellite and microwave, I've discovered some fun on the PC again. GNU/Linux, Mac OS X and MS Windows all have their uses, but GNU/Linux is where the fun is at.
