[Dshield] Looking for recommendations re: basic Wireshark packet analysis books
Joel Esler
joel.esler at sourcefire.com
Fri Feb 1 02:50:56 GMT 2008
I've heard that was a horrible book with many mistakes. I second
Johannes's opinion with the Stevens books.
On Jan 31, 2008, at 7:23 PM, Johannes Ullrich wrote:
> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: RIPEMD160
>
>
>>
>> Here you go:
>>
>> http://www.nostarch.com/packet.htm
>
>
> I haven't read the book. But Richard Bejtlich has a pretty negative
> review about it on Amazon pointing out some basic flaws.
>
> I don't know of a good Wireshark specific book. But if you just want
> to understand TCP/IP, TCP/IP Illustrated Volume 1 by Stevens is still
> pretty much my favorite choice. For a bit more updated book (but much
> heavier) look at TCP/IP Guide by Kozierok. But I see it more as a
> reference, while Stevens' book is very readable.
>
>
> - ---------
> SANS 2008 - Orlando, FL; 41 courses, April 18-25
> http://www.sans.org/info/19686
>
>
>
>