
Ethereal Packet Sniffing (Syngress)


Author - Angela D. Orebaugh
Author - CISSP, Gilbert Ramirez

This Paperback Book item from Syngress was reviewed on 26-Oct-2008.

ISBN: 1932266828. Ethereal Packet Sniffing (Syngress) Reference Book. Classifications: General; Networks, Protocols & APIs; Networking; Computers & Internet; Network Security.


salesrank: 546402
edition: 1
numberofitems: 1

1) Paperback Book Ethereal Packet Sniffing (Syngress) by Syngress. If you are a network administrator, responsible for a network of any size, this book and the software it describes are "must have" tools in your toolkit. There are many ways a LAN can malfunction, and network malfunctions are especially likely after changes have been made to a LAN. Troubleshooting your LAN is likely to involve examining samples of the message traffic flowing through the LAN. Ethereal (recently renamed "Wireshark") is a low cost, but very effective, tool for this purpose. The book includes a CDROM which significantly enhances the value of the book because it includes all of the example "filters" found in the book, making them easier to use, in addition to providing copies of Ethereal for several operating systems.

If you do not already have this book and know how to use Ethereal, you should buy this book soon. Start by reading the book, but you really should learn to use Ethereal "hands on", on your LAN as soon as possible. You need to know what "normal" conditions look like on your LAN. When your LAN is down, you probably will not have time for much reading. This book provides far too much information to digest and understand at one time, especially while your LAN is down. This is a book to read when you have some "slow" time because your network is OK.

I gave this book 4 stars only because I think a new edition should be released soon. The current edition is now several years old, and with the name of the software recently changed to Wireshark, the book should be updated with the new name for this classic LAN troubleshooting tool.

2) Paperback Book Ethereal Packet Sniffing (Syngress) by Syngress. One of the complaints I've heard about this book is that it doesn't provide you with information on what different fields within a packet mean. Though the title is a little misleading, this isn't the book for that (try "The TCP/IP Guide: A Comprehensive, Illustrated Internet Protocols Reference" by Charles Kozierok).

This book is more like a very good user manual for version 0.10.0 (current version as of 4/20/06 is 0.10.14, so there are a few more features than this book covers.) What seems to be a new version of the book with a new title is due out in June of 2006, so some of you might want to wait until it gets released if you want the most up to date version.

I've been just a casual user of Ethereal for a couple years so I thought I'd learn a lot from this book. Surprisingly though, only chapters 5 "Filters" and 8 "Real World Packet Captures" were helpful to me. Everything else was either stuff I could easily figure out on my own, or things I don't use.

Except for chapter 8 with the real-world examples and possibly chapter 9, "Developing Ethereal", this book is just a user manual and should be bought only with this in mind. It would be fun if they made another book that focuses on packet analyzation using Ethereal as the tool. I'll wait.

Evaluated as a user manual only, I'll give it 4 stars. Because it's merely a user manual, it should be less expensive. Then it would earn 5 stars.

3) Paperback Book Ethereal Packet Sniffing (Syngress) by Syngress. I have been doing protocol analysis for over three years now. My two tools of choice are typically either TCPDump and/or Ethereal. Even though I have used Ethereal extensively, this book was still able to teach me a few tricks - particularly with the reporting and graphing features (which is always nice eye-candy for the higher-ups). This book will not teach you about TCP/IP or the nuances of the protocols - for that, try the first 100 pages of "Inside Network Perimeter Security" or better yet, "TCP/IP Illustrated, Volume 1" by Stevens. And because of this, some of the value of the book is lost. Understanding how to root out or parse data that is unique to one protocol to find the right packet would only add to the value of this book, and thus the tool. Overall, the book serves its intended purpose very well.

I give this book 4 pings out of 5:
!!!.!

4) Paperback Book Ethereal Packet Sniffing (Syngress) by Syngress. Provides an exhaustive view of Ethereal and how to use it. The only complaint I have, and perhaps unfairly so, is that it doesn't give enough context for the use of the product--although I recognize the book doesn't claim to be a primer on packet sniffing, a bit more information on the meaning of what it is you are seeing in each packet would be helpful. Regardless, I recommend this book highly. If I could give it 4.7 stars, I would.

5) Paperback Book Ethereal Packet Sniffing (Syngress) by Syngress. I love protocol analysis. It's slightly arcane, just difficult enough to be interesting and incredibly useful for troubleshooting, planning, security and just plain learning more about networks. The great barrier has been cost - few shops have the inclination, much less the financing to afford this most essential of network professional tools. Enter open source software and Ethereal - a serious, cross platform protocol analyzer with enough features to get the job done. Of course, the trouble is knowledge - how do you use the darn thing? High-priced protocol analyzers have extensive support from the vendor and series of classes to learn both analysis in general as well as the specifics of that product. As an open source product, Ethereal presupposed at least some knowledge of protocol analysis to use effectively. This book, written with the Ethereal development team is worth solid gold to any network pro.

Let me start out by saying that any protocol analyzer manual will have slow spots, even for geeks that love looking up obscure flags in hex. For the sadly normals out there, please, please, please feel free to skip around chapters 1-4 where important concepts are introduced. While the writing is quite good the material in places is dry by nature. Don't waste your attention span on things like the complete list of protocols supported on page 45. Skip over those parts, flag them for reference when needed, and concentrate on the more immediately useful parts that are interleaved throughout. Just be sure to pore through chapter 5, which is the all-important filtering chapter. Then skip to Chapter 8, which introduces some real-world packet captures. Don't worry, you get to play with real captures, included on the disk. These files have already been slimmed to just the conversations in question so you don't have to figure out how to pick out 20 packets from 10,000. These are of real interest, and include vulnerability scanning, Trojans and several worms like Code Red. If these don't hit your hot button you're in the wrong field, baby!

I do have a half-nit to pick about the book, and while it's small it does need to be said. The authors clearly wished to be very complete, writing what appears to be the definitive (and only!) book on Ethereal as well as providing adequate instruction on use. Multiple purposes unless handled very carefully lead to uneven, disjointed writing and that is clearly a flaw shared by this book. It would be hard to write as a cohesive unit containing both reference material and tutorials, theory, practice and a short course on general analysis. Worse it absolutely must cover over a half-dozen operating systems and at least mention related software - reading and writing capture files for other analyzers is essential, and fortunately covered well. That the book doesn't fall completely apart is a testament to the writers and editor but another approach might have resulted in a better read. Still, this is THE definitive work on Ethereal and unlikely to be surpassed anytime soon. Like Ethereal itself this book is well worth the price and effort to master.

6) Paperback Book Ethereal Packet Sniffing (Syngress) by Syngress. Ethereal offers more protocol decoding and reassembly than any free sniffer out there and ranks well among the commercial tools. You've all used tools like tcpdump or windump to examine individual packets, but Ethereal makes it easier to make sense of a stream of ongoing network communications. Ethereal not only makes network troubleshooting work far easier, but also aids greatly in network forensics, the art of finding and examining an attack, by giving a better "big picture" view. Ethereal Packet Sniffing will show you how to make the most out of your use of Ethereal.

  • Learn About Network Analyzers: Learn about the types of sniffers available today and see the benefits of using Ethereal.
  • Master Tethereal: Use Tethereal, the command line version of Ethereal, to capture live packets from the wire or to read saved capture files.
  • Install and Configure Ethereal: Find out how to install Ethereal on Windows and Unix and see how to build Ethereal from source.
  • Explore the Ethereal Graphic User Interface: Learn your way around the menus, windows, and command-line options of Ethereal.
  • Write Capture and Display Filters: Pinpoint network problems using filters to manage network operations and traffic.
  • Benefit from the Additional Programs Packaged with Ethereal: Learn about the suite of programs that provide command line capturing, formatting, and manipulating capabilities: Tethereal, Editcap, Mergecap, and Text2pcap.
  • Integrate Ethereal with Other Sniffers: Import and export files between Ethereal and various compatible products, including WinDump, Snort, Snoop, Microsoft Network Monitor, and EtherPeek.
  • Scan the Network: See how to use network scanning to detect open ports and services on systems.
  • Master Advanced Ethereal Topics: Create sub-trees, display bitfields in a graphical view, track request and reply packet pairs, and configure different Ethereal components.
  • Register for Your 1 Year Upgrade: The Syngress Solutions upgrade plan protects you from content obsolescence and provides monthly mailings, whitepapers, and more!

Table of Contents
Chapter 1: Introducing Network Analysis
Chapter 2: Introducing Ethereal: Network Protocol Analyzer
Chapter 3: Getting and Installing Ethereal
Chapter 4: Using Ethereal
Chapter 5: Filters
Chapter 6: Other Programs Packaged with Ethereal
Chapter 7: Integrating Ethereal with Other Sniffers
Chapter 8: Real World Packet Captures
Chapter 9: Developing Ethereal

Page Updated: Robert N. Goolsby, 23-Nov-2008

