Book review Monday:::Problems with Practical Packet Analysis

Richard Bejtlich has a great review of a Chris Sanders' Practical Packet Analysis. Rather than look to Sanders' book, here are my recommendations for getting to know Wireshark and for practical protocol analysis. Wireshark & Ethereal: Network Protocol Analyzer Toolkit from Syngress. I use this book about once a month

Richard Bejtlich has a great review of a Chris Sanders' Practical Packet Analysis. Rather than look to Sanders' book, here are my recommendations for getting to know Wireshark and for practical protocol analysis.

Wireshark & Ethereal: Network Protocol Analyzer Toolkit from Syngress. I use this book about once a month while testing in the lab.

You can go just about anywhere for a better basic and reliable explanation of IP than the one given in Sanders' book. Since I think anyone interested in network security should get it, try Virtual Honeypots: From Botnet Tracking to Intrusion Detection, which I reviewed here. The Wireshark also has a good FAQ that provides information about how to use the product and what to look for in a capture.