BKPRPAAN.RVW 20070926 "Practical Packet Analysis", Chris Sanders, 2007, 1-59327-149-2, U$39.95/C$49.95 %A Chris Sanders %C 555 De Haro Street, Suite 250, San Francisco, CA 94107 %D 2007 %G 978-1-59327-149-7 1-59327-149-2 %I No Starch Press %O U$39.95/C$49.95 415-863-9900 fax 415-863-9950 info@nostarch.com %O http://www.amazon.com/exec/obidos/ASIN/1593271492/robsladesinterne http://www.amazon.co.uk/exec/obidos/ASIN/1593271492/robsladesinte-21 %O http://www.amazon.ca/exec/obidos/ASIN/1593271492/robsladesin03-20 %O Audience i- Tech 1 Writing 1 (see revfaq.htm for explanation) %P 164 p. %T "Practical Packet Analysis" Chapter one is a brief, and rather simplistic, outline of some basic networking fundamentals. In terms of an introduction to packet analysis it is so terse as to be misleading. For example, there is a mention of the need to use promiscuous mode, but not the fact that many network cards don't support it. There is also a description of switches, but not the multiple locations that must be monitored on a switch to get a full picture of network operations. There is, in chapter two, an indication that switches present options in terms of monitoring, but no details, and promiscuous mode is only reported to be limited by permissions set in Windows. Screenshots for the installation of the Wireshark make up chapter three. Chapters four and five list, and briefly describe, various functions of the program. Screenshots of displays for a few different types of packets are shown and hastily characterized in chapter six. Chapter seven lists a few examples of packet captures that indicate specific problems. The data is all there, but the explanation is rather curt and lacks sufficient detail to assist the reader in using it. Slightly more particular situations, dealing with network performance, are given in chapter eight, and a smattering of security related situations in chapter nine. Different pieces of technology and factors involved in sniffing traffic on wireless networks are discussed in chapter ten. Chapter eleven briefly lists a few more tools and related resources. A random, somewhat incomplete, but occasionally interesting collection of tidbits related to sniffing traffic. copyright Robert M. Slade, 2007 BKPRPAAN.RVW 20070926