Instant Wireshark Starter [Kindle Edition]

Abhinav Singh

In Detail

Wireshark is by far the most popular network traffic analyzing tool.

It not only provides an interface for traffic capture but also provides a rich platform for an in-depth analysis of the traffic. The GUI provides a very user-friendly and interactive medium that simplifies the process of network forensics. This concise book provides a perfect start to getting hands-on with packet analysis using Wireshark.

Wireshark Starter is the perfect guide for new learners who are willing to dive into the world of computer networks. Walking you through from the very start, it transitions smoothly to cover core topics like filters, decoding packets, command line tools, and more. It covers every inch of Wireshark in a concise and comprehensive manner.

Wireshark Starter has been designed keeping basic learners in mind. After initial setup, the book leads you through your first packet capture followed by some core topics like analyzing the captured traffic and understanding filters.

You will then be guided through more detailed topics like the decoding of captured packets, generating graphs based on statistics, and name resolution. Finally the book concludes by providing information about further references and official sources to learn more about the tool.


Get to grips with a new technology, understand what it is and what it can do for you, and then get to work with the most important features and tasks. Written as a practical guide, Wireshark Starter will show you all you need to know to effectively capture and analyze network traffic.

Who this book is for

This book is specially designed for new learners who are willing to dive deeper into network analysis using Wireshark. It requires a basic understanding of network protocols and their implementation and is equally handy for network administrators, forensic experts, and network penetration testers.

About the Author and Other Contributors

Abhinav Singh is a young Information Security specialist from India. He has a keen interest in the field of hacking and network security and has adopted it as his full-time profession. He is also the author of Metasploit Penetration Testing Cookbook, Packt Publishing. He is an active contributor to the SecurityXploded community. Abhinav's works have been quoted in several security and technology magazines and portals.


4.0 out of 5 stars Introduction to using Wireshark, with some extra on top 2 April 2013
"Instant Wireshark Starter" by Packt Pub is a short book (68 pages in total - took me about 2 hours to read) which gives a brief overview of the features and capabilities Wireshark has to offer. It's covering the installation on Windows and Linux (to a somewhat lesser extent), and then moves on to list and demonstrate the different functions in the GUI.
The author Abhinav Singh gives examples on how to start a live capture, applying capture filters and display filters. Subjects like TCP Stream reassembly, exporting and importing captures as well as graphing (!) captured data are mentioned. He's also covering a useful function called "exporting objects", which allows one to reconstruct objects like downloaded files from a packet capture - which can be extremely useful in network forensics. The book is rounded off by the last chapter "Wireshark activity" providing an actual PCAP dump as a download which can be used to perform forensics on.

The book holds true to the motto of the Packt [instant] series "Learn something new in an Instant! A short, fast, focused guide delivering immediate results." - but the topic in itself is not as easy as Wireshark may suggest it is:

1) Nobody likes creating network captures - they're always the "last resort" and ultimately lead to a lot of finger-pointing ("the network is at fault", "Your application is broken, it's sending the wrong data", "your server is dropping packets"). You'll be unpopular!

2) If you do have to create a capture, Murphy's law dictates that you have to do it under adverse circumstances! I.e. on a saturated gigabit link - and that's hard! It's a lot of data, and you'll probably have to apply a few capture filters in order not to drop the packets you're actually looking for. And Wireshark might still be dropping packets due to performance issues within the OS or disk I/O.

3) This leads (at least for us, in an enterprise environment) to dumping the data using gulp or tcpdump and performing the actual analysis on a remote machine using Wireshark.

So, it's a complicated topic since the problem at hand is always an unpleasant one (something is not working correctly, why?). That's why the GUI has a lot of different options to explore, and that's why every book can only give an overview on the topic. The experience on how to tackle a network problem comes from experience, anecdotes and hard work.

4.0 out of 5 stars Instant Wireshark Starter 16 February 2013
The "Instant" Series of books by Packt are relatively new and are designed to be a crash course on a particular technology. In this instance, I chose my favorite network analysis tool, Wireshark.

First and foremost, it's a QUICK read. At a commanding 68 pages, you can easily get through this in an hour or so. The book covers the basics from installing and getting familiar with the basics, navigating the GUI, using some of the command line tools, and at the end there's an interesting little exercise pertaining to the BlackHole Exploit Kit.

Overall, a good (and quick) read. Recommended for people who are new to network analysis and the Wireshark tool.

4.0 out of 5 stars Well done 10 June 2014
I liked that it was concise and pointed. Having been fed a hamburger, I now will be hungry for a steak! Thanks!

4.0 out of 5 stars Short but effective 8 January 2014
Good introduction, although for the money I'd expected a longer book. 50 pages just touches on what Wireshark can do. I'd recommend buying a more comprehensive book, even for a newbie.

5.0 out of 5 stars What you need to know about Wireshark 16 November 2013
Great book. Chock-full of useful information about how to use Wireshark. Takes you through step by step with pictures of commands.
