Book of the Month – Wireshark Network Analysis

“Wireshark Network Analysis” is the latest book on Wireshark, the top-notch network analyzer. Wireshark is used for analyzing network traffic and troubleshooting network problems on wired and wireless networks. Whether you are a network analyst, administrator, or network security professional, this is a book that you don’t want to miss. The book is well written and caters to the full range of readers, from beginners to experts.


Here is the table of contents:

Chapter 1: The World of Network Analysis
Chapter 2: Introduction to Wireshark
Chapter 3: Capture Traffic
Chapter 4: Create and Apply Capture Filters
Chapter 5: Define Global and Personal Preferences
Chapter 6: Colorize Traffic
Chapter 7: Define Time Values and Interpret Summaries
Chapter 8: Interpret Basic Trace File Statistics
Chapter 9: Create and Apply Display Filters
Chapter 10: Follow Streams and Reassemble Data
Chapter 11: Customize Wireshark Profiles
Chapter 12: Save, Export and Print Packets
Chapter 13: Use Wireshark’s Expert System
Chapter 14: TCP/IP Analysis Overview
Chapter 15: Analyze Domain Name System (DNS) Traffic
Chapter 16: Analyze Address Resolution Protocol (ARP) Traffic
Chapter 17: Analyze Internet Protocol (IPv4) Traffic
Chapter 18: Analyze Internet Control Message Protocol (ICMP) Traffic
Chapter 19: Analyze User Datagram Protocol (UDP) Traffic
Chapter 20: Analyze Transmission Control Protocol (TCP) Traffic
Chapter 21: Graph IO Rates and TCP Trends
Chapter 22: Analyze Dynamic Host Configuration Protocol (DHCP) Traffic
Chapter 23: Analyze Hypertext Transfer Protocol (HTTP) Traffic
Chapter 24: Analyze File Transfer Protocol (FTP) Traffic
Chapter 25: Analyze Email Traffic
Chapter 26: Introduction to 802.11 (WLAN) Analysis
Chapter 27: Introduction to Voice over IP (VoIP) Analysis
Chapter 28: Baseline “Normal” Traffic Patterns
Chapter 29: Find the Top Causes of Performance Problems
Chapter 30: Network Forensics Overview
Chapter 31: Detect Scanning and Discovery Processes
Chapter 32: Analyze Suspect Traffic
Chapter 33: Effective Use of Command-Line Tools
Appendix A: Resources on the Book Website

The initial chapters focus on Wireshark's settings, filters, and usage options. If you are an advanced user of Wireshark you may want to skip these sections, but it is advisable to read through them, as you are sure to find some point you had missed. The later part of the book focuses on analysis of the most popular and frequently seen protocols, including base protocols (IP, TCP, UDP, ICMP, etc.) and application-level protocols (DNS, HTTP, FTP, etc.). The real fun starts here, and this is what places this book high on the stand. The chapters on wireless and VoIP are particularly interesting, as they provide insight into areas less mastered by network analysts. The troubleshooting sections at the end will surely make any network administrator’s job easier.

What makes this book easier to read and faster to grasp is its illustrative screenshots: throughout the book, the author demonstrates every analysis with relevant screenshots. The author also provides numerous practical case studies, which are highly enlightening. The review questions and answers help readers digest and understand the facts of each chapter. The humorous content between the pages also helps keep the reader alert while reading a technical book like this 🙂

This book is based on the author’s 20 years of extensive work on packet analysis and troubleshooting. In this massive 800-page compilation, the author has torn apart every aspect of Wireshark to bring light into the dark regions of legion.

In short, whether you are on the air or on the wire, there is no better tool than Wireshark and there is no better book than this…!

eBook: Got a link, let me know

