Book of the Month – Wireshark Network Analysis

“Wireshark Network Analysis” is the latest book on Wireshark, the top-notch network analyzer. Wireshark is used for analyzing network traffic and troubleshooting problems on wired and wireless networks. Whether you are a network analyst, administrator or network security professional, this is a book that you don’t want to miss. It is well written and caters to the whole range of readers, from beginners to experts alike.


Here is the table of contents:

Chapter 1: The World of Network Analysis
Chapter 2: Introduction to Wireshark
Chapter 3: Capture Traffic
Chapter 4: Create and Apply Capture Filters
Chapter 5: Define Global and Personal Preferences
Chapter 6: Colorize Traffic
Chapter 7: Define Time Values and Interpret Summaries
Chapter 8: Interpret Basic Trace File Statistics
Chapter 9: Create and Apply Display Filters
Chapter 10: Follow Streams and Reassemble Data
Chapter 11: Customize Wireshark Profiles
Chapter 12: Save, Export and Print Packets
Chapter 13: Use Wireshark’s Expert System
Chapter 14: TCP/IP Analysis Overview
Chapter 15: Analyze Domain Name System (DNS) Traffic
Chapter 16: Analyze Address Resolution Protocol (ARP) Traffic
Chapter 17: Analyze Internet Protocol (IPv4) Traffic
Chapter 18: Analyze Internet Control Message Protocol (ICMP) Traffic
Chapter 19: Analyze User Datagram Protocol (UDP) Traffic
Chapter 20: Analyze Transmission Control Protocol (TCP) Traffic
Chapter 21: Graph IO Rates and TCP Trends
Chapter 22: Analyze Dynamic Host Configuration Protocol (DHCP) Traffic
Chapter 23: Analyze Hypertext Transfer Protocol (HTTP) Traffic
Chapter 24: Analyze File Transfer Protocol (FTP) Traffic
Chapter 25: Analyze Email Traffic
Chapter 26: Introduction to 802.11 (WLAN) Analysis
Chapter 27: Introduction to Voice over IP (VoIP) Analysis
Chapter 28: Baseline “Normal” Traffic Patterns
Chapter 29: Find the Top Causes of Performance Problems
Chapter 30: Network Forensics Overview
Chapter 31: Detect Scanning and Discovery Processes
Chapter 32: Analyze Suspect Traffic
Chapter 33: Effective Use of Command-Line Tools
Appendix A: Resources on the Book Website

The initial chapters focus on the settings, filters and usage options of Wireshark. If you are an advanced user of Wireshark you may want to skip these sections, but it is advised to read through them, as you are sure to find some point you had missed. The later part of the book focuses on analysis of the most popular and most frequently flowing protocols, including base protocols (IP, TCP, UDP, ICMP etc.) and application-level protocols (DNS, HTTP, FTP etc.). The real fun starts here, and this is what places this book high on the stand. The chapters on wireless and VoIP are particularly interesting, as they provide insight into areas less mastered by network analysts. The troubleshooting sections at the end will surely make any network administrator’s job easier than before.

What makes this book easier to read and faster to grasp is its illustrative screenshots: throughout the book the author demonstrates every analysis with relevant screenshots. The author also provides numerous practical case studies, which are highly enlightening. The review questions and answers help readers digest and understand the facts in each chapter. The humorous content between the pages also helps to keep the reader alive while reading a technical book like this 🙂

This book is based on the author’s 20 years of extensive work on packet analysis and troubleshooting. In this massive 800-page compilation, the author has torn apart every aspect of Wireshark to bring light into the dark regions of legion.

In short, whether you are on the air or on the wire, there is no better tool than Wireshark and there is no better book than this…!

eBook: Got a link, let me know




  1. mary mary
    May 26, 2010    

    If you are interested in learning more about security network my client Cisco is hosting Cisco Live at The Mandalay Bay Resort in Las Vegas…June 27-July 1st.

  2. lennard lennard
    September 5, 2010    

    Too sad, currently there are no links found for this book.
