Whether you are an experienced veteran or just getting started with Wireshark, this is one book that you shouldn't be without. I have known Laura for close to twenty years and have had the good fortune of hearing many of her presentations over the years and being in the front row at the 2008 Chappell Summit in Texas. If traveling to where she is giving a presentation isn't an option, getting this book is a good start to getting inside the mind that is Laura Chappell.
Fair warning upfront: this isn't a book that you can pick up and put down and read a little here and there. Set aside some time, firmly fasten your seat belt, return your tray to its upright and locked position and get ready for a knowledge transfer that makes a Vulcan mind meld look like child's play. Before getting started, take a few minutes and go to http://www.wiresharkbook.com to download the latest errata updates and all the trace files that are referenced in the book. I have found over the years that the capture files that Laura creates are a good source of learning and occasional reminders of what you may have forgotten along the way.
Laura doesn't just show you how to interpret protocol captures but how to tweak Wireshark to get the maximum benefit possible. For good measure, she also has a chapter on the different ways of capturing traffic – tap vs. SPAN, etc. Depending on what conditions you are dealing with, the way you capture traffic one time may not work the next time.
Two areas that are of specific interest to me are the discussions she gives on doing wireless and VoIP analysis. These are two areas that I have been doing more and more. Want to see your manager's face turn pale and/or several shades of white? Show him/her that Wireshark can capture and analyze voice traffic. If that doesn't get his/her attention, use the playback function in Wireshark to hear the call that was placed over the network. I did that one time with a previous manager and the look on his face, to quote the Mastercard commercial, was priceless!
I can't think of a better book or source of reference information to lead off The Library section of my Blog. No review can begin to do justice to this book. Do yourself and your career a big favor and add this to your growing list of reference material. If you haven't already bought the book, I would appreciate it if you would click on the book at the bottom of this review and buy the book. It will help defray my costs of running this website.