[Dshield] Looking for recommendations re: basic Wireshark packet analysis books
Gleb Paharenko
gpaharenko at gmail.com
Fri Feb 1 16:14:31 GMT 2008
Hi.
There are courses from Wireshark; some of them you should be able to download:
http://www.wiresharktraining.com/catalog.html
http://www.cacetech.com/products/training.htm
2008/1/31, Brenden Walker <BKWalker at drbsystems.com>:
> Our need is very specific. We develop software that relies on a variety
> of network services provided by customers (SMTP/POP and others). Over
> the years I've had to capture and analyze problems, as I'm the only
> person here that knows anything about this type of work.
>
> A good example of our need for this (in case there are books that are
> better aimed at this usage). Our email alerting system at several of
> our customer sites (same customer) would randomly stop working. All the
> while another process that mails database replication data is running
> along fine. I got packet captures and found that their ISP's SMTP
> server would randomly make the connection but not respond with the
> appropriate 220 message. The components we use (Indy 10) for SMTP would
> just wait forever... effectively tarpitting the thread that handles these
> emails. Needless to say the traffic capture was critical for figuring
> this one out.
>
> I've been asked (several times) to try and train our high level support
> in very basic packet capturing and filtering. As I'm at best a novice
> at this, I thought I'd ask the folks here for training recommendations.
> As you can see from the above example our needs aren't really that
> complex, which is why I think that a book or two might be enough.
>
> Thanks!
>
--
Best regards.
Gleb Pakharenko.
http://gpaharenko.livejournal.com
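
The failure described in the quoted message (an SMTP server that accepts the TCP connection but never sends the 220 greeting, leaving the client blocked) can be checked for with a bounded banner read. This is an added example, not part of the original thread; the function names, the loopback test listeners and the mail.example.test greeting are constructed for illustration.

```python
import socket
import threading

def check_smtp_banner(host, port, timeout=5.0):
    """Return (status, detail); status is ok, bad_banner, no_banner or connect_failed."""
    try:
        sock = socket.create_connection((host, port), timeout=timeout)
    except OSError as exc:
        return ("connect_failed", str(exc))
    with sock:
        sock.settimeout(timeout)  # bound the wait for the greeting
        data = b""
        try:
            while b"\n" not in data and len(data) < 1024:
                chunk = sock.recv(1024)
                if not chunk:  # peer closed before finishing a line
                    break
                data += chunk
        except socket.timeout:
            # TCP handshake succeeded but no greeting arrived: the case in the thread
            return ("no_banner", "connected, no greeting within %.1fs" % timeout)
        except OSError as exc:
            return ("no_banner", str(exc))
    line = data.split(b"\n", 1)[0].decode("ascii", "replace").strip()
    if line.startswith("220"):
        return ("ok", line)
    return ("bad_banner", line or "connection closed before greeting")

def start_test_server(greeting):
    """Constructed loopback listener: sends `greeting` if given, else stays silent."""
    srv = socket.socket()
    srv.bind(("127.0.0.1", 0))
    srv.listen(5)
    held = []  # keep accepted sockets open so the silent server really stays silent
    def serve():
        while True:
            try:
                conn, _ = srv.accept()
            except OSError:
                return
            if greeting:
                conn.sendall(greeting)
            held.append(conn)
    threading.Thread(target=serve, daemon=True).start()
    return srv.getsockname()[1]

if __name__ == "__main__":
    silent = start_test_server(None)
    normal = start_test_server(b"220 mail.example.test ESMTP\r\n")
    print(check_smtp_banner("127.0.0.1", silent, timeout=1.0))
    print(check_smtp_banner("127.0.0.1", normal, timeout=1.0))
```

In a capture, the no_banner case shows a completed three-way handshake followed by no payload from the server side.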