Great intro with an eye towards practical usage...

  • Jun 11, 2007
As an application developer, I don't spend a lot of time wondering about what goes down the wire (but perhaps I should). But the little hacking geek in me does have more than a passing interest in being able to see things that aren't obvious. This is probably the first book that's explained packet analysis in words and terms I could understand... Practical Packet Analysis: Using Wireshark to Solve Real-World Network Problems by Chris Sanders. Not only is it a good intro to the Wireshark (formerly Ethereal) product, but he applies it to real-world troubleshooting situations.

Contents: Packet Analysis and Network Basics; Tapping into the Wire; Introduction to Wireshark; Working with Captured Packets; Advanced Wireshark Features; Common Protocols; Basic Case Scenarios; Fighting a Slow Network; Security-based Analysis; Sniffing into Thin Air; Further Reading; Afterword; Index

I find that many networking books get heavy into the protocols and terminology, and before long a beginner like myself is completely lost. This book differs from the norm in that it covers the basics in everyday language that a relatively competent IT person (who's not a network geek) can understand. Then from there, Sanders dives into the Wireshark product and shows how it can be used to see what's actually going across the line from your computer to the network. It's not a detailed guide to the product, but there's more than enough there to allow anyone to get started and to see results. Where things really get valuable (in my opinion) is when you get to Basic Case Scenarios. There, Sanders starts walking through true-to-life situations that every IT shop will recognize. Then using Wireshark, he shows how the problem could be examined and fixed by understanding what sort of packet traffic is occurring. This bridge from book knowledge to practical experience allowed me to see why I need to have Wireshark installed, and gave me the framework for understanding how important a packet sniffer can be. By the time I was done, I was out on the website downloading the software. I may not need to "fix" anything right away, but I'm now confident that I can start to understand what's happening between my box and the rest of the world.

Hard-core network admins will probably already know most of this (and already use Wireshark). For those who dabble a bit in packet analysis as part of their job, this book will take you past the bare essentials to a more complete understanding of just what you can do. And for newbies like me, it opens a whole new world that was somewhat incomprehensible before... A very nice job on this book.

More Practical Packet Analysis: Usi... reviews
review by . August 22, 2011
   I was always intrigued by the thought of actually being able to read packets (raw data) on the wire (network). I guess it was kind of a Matrix-type fantasy... at any rate, I never pursued the learning. Upon seeing the title of this book "Practical Packet Analysis" a long buried curiosity of mine was revived. First of all, I found this book very easy to read and comprehend, which is surprising, given the topic. The author starts you off with a primer in networking and some …
About the reviewer
Thomas Duff
Thomas Duff, aka "Duffbert", is a long-time member of the Lotus community. He's primarily focused on the development side of the Notes/Domino environment, currently working for a large insurance …
About this book


It's easy enough to install Wireshark and begin capturing packets off the wire--or from the air. But how do you interpret those packets once you've captured them? And how can those packets help you to better understand what's going on under the hood of your network? Practical Packet Analysis shows how to use Wireshark to capture and then analyze packets as you take an in-depth look at real-world packet analysis and network troubleshooting. The way the pros do it.

Wireshark (derived from the Ethereal project) has become the world's most popular network sniffing application. But while Wireshark comes with documentation, there's not a whole lot of information to show you how to use it in real-world scenarios. Practical Packet Analysis shows you how to:

  • Use packet analysis to tackle common network problems, such as loss of connectivity, slow networks, malware infections, and more
  • Build customized capture and display filters
  • Tap into live network communication
  • Graph traffic patterns to visualize the data flowing across your network
  • Use advanced Wireshark features to understand confusing packets
  • Build statistics and reports to help you better explain technical network information to non-technical users

Because net-centric computing requires a deep understanding of network communication at the packet level, Practical Packet Analysis is a must-have for any network technician, administrator, or engineer troubleshooting network problems of any kind.

Technical review by Gerald Combs, ...




ISBN-10: 1593271492
ISBN-13: 978-1593271497
Author: Chris Sanders
Publisher: No Starch Press
