
This significantly revised and expanded second edition of Practical Packet Analysis shows you how to use Wireshark to capture raw network traffic, filter and analyze packets, and diagnose common network problems.

Subscriber Reviews

Average Rating: 4.142857142857143 out of 5, based on 7 ratings

"Fantastic Tutorial" - by Larry Bishop on 27-FEB-2013
Not just a great tutorial on using Wireshark on a deeper level, but also some of the key fundamentals of packet analysis and troubleshooting a wide variety of problems, be it on the network, the server, or the client. Certainly a must read for any network engineer.

"quite good introduction into the topic" - by Michal Konrad Owsiak on 15-AUG-2011
Practical Packet Analysis is related, in fact, to a single product – Wireshark. Chris mentions other tools as well (in an Appendix), but he mostly focuses on this particular tool. Wireshark allows you to analyze what’s going on within the wires of your network. Listening to the wire is not as easy as you may think in the first place. First of all, it’s good to know the terminology. Chris provides you with the exact knowledge you need. You will learn just enough to get started and will be told what the differences between switches, routers, hubs, and taps are. You will also know what ARP and OSI mean as well as many other abbreviations. What I especially liked within the theory-related section was some sort of analysis of when to focus on a particular device for sniffing and how to utilize it to its extent. One remark here. For people totally fresh in network terminology I’d suggest something additional and better (easier) explained. I think, at some places, the book might be hard to follow. Especially when Chris discusses topics like packet components, uses computer-related arithmetic, and provides not that much detailed explanation of some topics. In fact, I’d suggest this book to intermediate readers who already know something about computers and networks.

What do I think about this book? It is good for people who are familiar with computer science but haven’t worked with networks so far. Why? It simply requires some level of knowledge related to networking and to data processing. On the other hand, it is based on a well-known, easily accessible, GUI-based application. This way, you can follow it quite easily, even though you are not perfectly familiar with all the network-based concepts. I’d suggest this book as a starter for people who are thinking about working with packet analysis.

I particularly liked what Chris says at the beginning of the 4th chapter: “As you perform packet analysis, you will find that a good portion of the analysis you do will happen after your capture.” This is certainly true. And this sentence tells a very important thing. Good network analysis is not only based on listening to the wire. In fact, it is based on deduction. It’s like a detective’s work.

