Wireshark · Wireshark-users: Re: [Wireshark-users] Beginner

Wireshark-users: Re: [Wireshark-users] Beginner
From: "Small, James" <JSmall@xxxxxxxxxxxx>
Date: Fri, 13 Jul 2007 19:18:10 -0400
I completely agree - Laura's books are fantastic - an excellent investment if you want to get productive in network analysis quickly.  I still have and use her books on Novell networks - the Token Ring explanations are probably the best I have ever seen if you're (un)fortunate enough to still run into them...  :-)  Even though the books are from the mid 90's, they were so well written that I still find them useful today - a true testament to great writing.

--Jim

> -----Original Message-----
> From: wireshark-users-bounces@xxxxxxxxxxxxx [mailto:wireshark-users-
> bounces@xxxxxxxxxxxxx] On Behalf Of Randy.Grein@xxxxxxxxxxxxxx
> Sent: Friday, July 13, 2007 12:06 PM
> To: Community support list for Wireshark
> Subject: Re: [Wireshark-users] Beginner
> 
> You're being too modest Laura. The lab kit is a fantastic resource and
> reality check for those who have anything to do with networks.
> 
> People, Laura explains protocol analysis better than anyone I've ever
> read. (Yes, you can blush now Laura.) Clear, concise and eminently
> readable she makes what can be rather dry reading fun. Better, it's
> accessible to the average network professional - ubergeek credentials not
> required! Laura frequently writes on the subject for various magazines;
> she has a number of great entry level articles available online at
> connection magazine, http://www.novell.com/connectionmagazine . (She's
> featured in this quarter's magazine.)  I'll make a couple of
> recommendations for those starting out:
> 
> Introduction to Network Analysis. If you're just starting out, you NEED
> this. How and why, with examples and humor. Even most managers will find
> this accessible.
> TCP Analysis and Troubleshooting. TCP/IP won the protocol wars, so you
> need to understand how the protocol suite is put together.
> 
> Both of these are available either electronic or hard copy; check out
> http://www.packet-level.com/books.htm .
> 
> You can also purchase these with other titles as a set - I bought the
> Master Library a couple of years ago, and even as an out of pocket
> professional purchase I've never regretted it. I can't think of a better
> resource if you're serious about getting into network analysis.
> 
> Randy Grein
> Network Engineer
> 
> 
> 
> 
> "Laura Chappell" <lchappell@xxxxxxxxxxxxxxxx>
> Sent by: wireshark-users-bounces@xxxxxxxxxxxxx
> 07/12/2007 09:33 PM
> Please respond to
> Community support list for Wireshark <wireshark-users@xxxxxxxxxxxxx>
> 
> 
> To
> "'Community support list for Wireshark'" <wireshark-users@xxxxxxxxxxxxx>
> cc
> 
> Subject
> Re: [Wireshark-users] Beginner
> 
> 
> 
> 
> 
> 
> In addition, you can download the ISO image of the Laura's Lab Kit v8 from
> www.novell.com/connectionmagazine/laurachappell.html - there are training
> resources on the DVD.  In addition, at that same URL I have recorded
> monthly articles on network troubleshooting, network forensics and
> reconnaissance. Free to all.
> 
> I agree with the need to understand the protocols! I co-authored "Guide to
> TCP/IP" with Ed Tittel - not sure where it is sold - it's used as a
> college textbook - check Amazon I guess.
> 
> Laura Chappell
> Founder, Wireshark University
> Sr. Protocol/Security Analyst, Protocol Analysis Institute
> 
> **************************************************************************
> ****
> This message is intended only for the use of the addressee and may contain
> information that is privileged and confidential. If you are not the
> intended recipient, you are hereby notified that any use and/or
> dissemination of this communication is strictly prohibited. If you have
> received this communication in error, please delete all copies of the
> message and its attachements and notify the sender immediately.
> **************************************************************************
> ****
> 
> 
> 
> From: wireshark-users-bounces@xxxxxxxxxxxxx
> [mailto:wireshark-users-bounces@xxxxxxxxxxxxx] On Behalf Of zuoheng
> Sent: Thursday, July 12, 2007 7:25 PM
> To: Community support list for Wireshark
> Subject: Re: [Wireshark-users] Beginner
> 
> I am new to Wireshark too. But I would share some experience with you.
> 
> First, before you use Wireshark analyzing some network traffic, you need
> have some knowledge about TCP/IP fundamental. Such as ARP packets, DNS
> query packets, IP sourece address, IP destination address, TCP port
> number, UDP port number, are quite basic concepts of TCP/IP stack.
> 
> "Interworking with TCP/IP" Volume 1 or "Illustration TCP/IP" Volume 1 are
> two good books to read.
> 
> Second, you may move to speicifid application, such as http, email, nfs,
> cifs. These are upper layer
> protocol based on TCP/IP. One of Wireshark's strong point is that it
> provides so many dissectors to decode protocols. Though Wireshark is a
> good tool to capture and decode network traffic, and even give an
> analyzing, you'd better know the protocol by your own and then utilize
> Wireshark.
> 
> www.wiresharktraning.com has a free section of video cource and some tech
> notes, you may find it useful.
> 
> http://www.wiresharktraining.com/files/msteched_traces.zip
> http://www.wiresharktraining.com/files/2007_microsoft_chappell.zip
> 
> 
> my 2 cents.
> 
> /zuoheng
> 
> On 7/13/07, Kenta Kentson <kenta_08@xxxxxxxxxxx> wrote:
> Hi,
> 
> I'm new to this with wireshark, but I'm trying to learn.
> And my question is, what is the best way to learn? I've been googeling
> alot but so far I havn't found
> a good tutorial.
> So I have been trying a bit for myself, tried too pick upp a password as i
> logged in to my mail for example, but have no idea where too look for it
> becasue there are like 200 files :P
> 
> thx in advance// kenta :P
> 
> Ring dina vänner med Messenger -- gratis Testa nu!
> 
> _______________________________________________
> Wireshark-users mailing list
> Wireshark-users@xxxxxxxxxxxxx
> http://www.wireshark.org/mailman/listinfo/wireshark-users
>  _______________________________________________
> Wireshark-users mailing list
> Wireshark-users@xxxxxxxxxxxxx
> http://www.wireshark.org/mailman/listinfo/wireshark-users
> 
> 
> 
> - -------------------------
> 
> CONFIDENTIALITY NOTICE: The information in this message may be proprietary
> and/or confidential, and is intended only for the use of the individual(s)
> to whom this email is addressed.  If you are not the intended recipient,
> you are hereby notified that any use, dissemination, distribution or
> copying of this communication is strictly prohibited. If you have received
> this communication in error, please notify us immediately by replying to
> this email and deleting this email from your computer.  Nothing contained
> in this email or any attachment shall satisfy the requirements for
> contract formation or constitute an electronic signature.
> _______________________________________________
> Wireshark-users mailing list
> Wireshark-users@xxxxxxxxxxxxx
> http://www.wireshark.org/mailman/listinfo/wireshark-users
References:
- Re: [Wireshark-users] Beginner
  - From: Laura Chappell
- Re: [Wireshark-users] Beginner
  - From: Randy . Grein
Prev by Date: Re: [Wireshark-users] Beginner Quick Setup Question
Next by Date: Re: [Wireshark-users] Tons of ARP packets...?
Previous by thread: Re: [Wireshark-users] Beginner Quick Setup Question
Next by thread: [Wireshark-users] Gtk-WARNING **: cannot open display
Index(es):
- Date
- Thread