“Wireshark Network Analysis” is the latest book on Wireshark, the top-notch network analyzer. Wireshark is used for analyzing network traffic and troubleshooting network problems on wired and wireless networks. Whether you are a network analyst, an administrator, or a network security professional, this is a book you don’t want to miss. It is well written and caters to the full range of readers, from beginners to experts alike.


Here is the table of contents:

Chapter 1: The World of Network Analysis
Chapter 2: Introduction to Wireshark
Chapter 3: Capture Traffic
Chapter 4: Create and Apply Capture Filters
Chapter 5: Define Global and Personal Preferences
Chapter 6: Colorize Traffic
Chapter 7: Define Time Values and Interpret Summaries
Chapter 8: Interpret Basic Trace File Statistics
Chapter 9: Create and Apply Display Filters
Chapter 10: Follow Streams and Reassemble Data
Chapter 11: Customize Wireshark Profiles
Chapter 12: Save, Export and Print Packets
Chapter 13: Use Wireshark’s Expert System
Chapter 14: TCP/IP Analysis Overview
Chapter 15: Analyze Domain Name System (DNS) Traffic
Chapter 16: Analyze Address Resolution Protocol (ARP) Traffic
Chapter 17: Analyze Internet Protocol (IPv4) Traffic
Chapter 18: Analyze Internet Control Message Protocol (ICMP) Traffic
Chapter 19: Analyze User Datagram Protocol (UDP) Traffic
Chapter 20: Analyze Transmission Control Protocol (TCP) Traffic
Chapter 21: Graph IO Rates and TCP Trends
Chapter 22: Analyze Dynamic Host Configuration Protocol (DHCP) Traffic
Chapter 23: Analyze Hypertext Transfer Protocol (HTTP) Traffic
Chapter 24: Analyze File Transfer Protocol (FTP) Traffic
Chapter 25: Analyze Email Traffic
Chapter 26: Introduction to 802.11 (WLAN) Analysis
Chapter 27: Introduction to Voice over IP (VoIP) Analysis
Chapter 28: Baseline “Normal” Traffic Patterns
Chapter 29: Find the Top Causes of Performance Problems
Chapter 30: Network Forensics Overview
Chapter 31: Detect Scanning and Discovery Processes
Chapter 32: Analyze Suspect Traffic
Chapter 33: Effective Use of Command-Line Tools
Appendix A: Resources on the Book Website

The initial chapters focus on the settings, filters, and usage options of Wireshark. If you are an advanced user of Wireshark you may want to skip these sections, but it is advisable to read through them, as you are sure to find some point you had missed. The later part of the book focuses on analysis of the most popular and most frequently seen protocols, including base protocols (IP, TCP, UDP, ICMP, etc.) and application-level protocols (DNS, HTTP, FTP, etc.). The real fun starts here, and this is what places this book high on the stand. The chapters on wireless and VoIP are particularly interesting, as they provide insight into areas that are less mastered by most network analysts. The troubleshooting sections at the end will surely make any network administrator’s job easier than before.

What makes this book easier to read and faster to grasp is its illustrative screenshots: throughout the book, the author demonstrates every analysis with relevant screenshots. The author also provides numerous practical case studies, which are highly enlightening. The review questions and answers help readers digest and understand the facts in each chapter. The humorous content between the pages also helps keep the reader alive while reading a technical book like this 🙂

This book is based on the author’s 20 years of extensive work on packet analysis and troubleshooting. In this massive 800-page compilation, the author has torn apart every aspect of Wireshark to bring light into the dark regions of legion.

In short, whether you are on the air or on the wire, there is no better tool than Wireshark and there is no better book than this…!

eBook: Got a link, let me know