Wireshark-users: Re: [Wireshark-users] Beginner

Date: Fri, 13 Jul 2007 09:06:09 -0700
You're being too modest Laura. The lab kit is a fantastic resource and 
reality check for those who have anything to do with networks.

People, Laura explains protocol analysis better than anyone I've ever 
read. (Yes, you can blush now Laura.) Clear, concise and eminently 
readable she makes what can be rather dry reading fun. Better, it's 
accessible to the average network professional - ubergeek credentials not 
required! Laura frequently writes on the subject for various magazines; 
she has a number of great entry level articles available online at 
connection magazine, http://www.novell.com/connectionmagazine . (She's 
featured in this quarter's magazine.)  I'll make a couple of 
recommendations for those starting out:

Introduction to Network Analysis. If you're just starting out, you NEED 
this. How and why, with examples and humor. Even most managers will find 
this accessible.
TCP Analysis and Troubleshooting. TCP/IP won the protocol wars, so you 
need to understand how the protocol suite is put together.

Both of these are available either electronic or hard copy; check out 
http://www.packet-level.com/books.htm .

You can also purchase these with other titles as a set - I bought the 
Master Library a couple of years ago, and even as an out of pocket 
professional purchase I've never regretted it. I can't think of a better 
resource if you're serious about getting into network analysis.

Randy Grein
Network Engineer




"Laura Chappell" <lchappell@xxxxxxxxxxxxxxxx> 
Sent by: wireshark-users-bounces@xxxxxxxxxxxxx
07/12/2007 09:33 PM
Please respond to: Community support list for Wireshark <wireshark-users@xxxxxxxxxxxxx>
To: "'Community support list for Wireshark'" <wireshark-users@xxxxxxxxxxxxx>
cc:
Subject: Re: [Wireshark-users] Beginner






In addition, you can download the ISO image of the Laura’s Lab Kit v8 from 
www.novell.com/connectionmagazine/laurachappell.html - there are training 
resources on the DVD.  In addition, at that same URL I have recorded 
monthly articles on network troubleshooting, network forensics and 
reconnaissance. Free to all. 
 
I agree with the need to understand the protocols! I co-authored “Guide to 
TCP/IP” with Ed Tittel – not sure where it is sold – it’s used as a 
college textbook – check Amazon I guess. 
 
Laura Chappell
Founder, Wireshark University
Sr. Protocol/Security Analyst, Protocol Analysis Institute
 
 
 
 
From: wireshark-users-bounces@xxxxxxxxxxxxx 
[mailto:wireshark-users-bounces@xxxxxxxxxxxxx] On Behalf Of zuoheng
Sent: Thursday, July 12, 2007 7:25 PM
To: Community support list for Wireshark
Subject: Re: [Wireshark-users] Beginner
 
I am new to Wireshark too. But I would share some experience with you. 

First, before you use Wireshark to analyze some network traffic, you need 
to have some knowledge of TCP/IP fundamentals. ARP packets, DNS 
query packets, IP source address, IP destination address, TCP port 
number, and UDP port number are quite basic concepts of the TCP/IP stack. 

"Interworking with TCP/IP" Volume 1 or "Illustration TCP/IP" Volume 1 are 
two good books to read. 

Second, you may move to specific applications, such as http, email, nfs, 
cifs. These are upper-layer protocols based on TCP/IP. One of Wireshark's 
strong points is that it provides so many dissectors to decode protocols. 
Though Wireshark is a good tool to capture and decode network traffic, and 
even give an analysis, you'd better know the protocol on your own and then 
utilize Wireshark. 

www.wiresharktraining.com has a free section of video courses and some tech 
notes; you may find it useful.

http://www.wiresharktraining.com/files/msteched_traces.zip
http://www.wiresharktraining.com/files/2007_microsoft_chappell.zip


my 2 cents. 

/zuoheng

On 7/13/07, Kenta Kentson <kenta_08@xxxxxxxxxxx> wrote:
Hi,

I'm new to this with wireshark, but I'm trying to learn.
And my question is, what is the best way to learn? I've been googling 
a lot but so far I haven't found a good tutorial.
So I have been trying a bit for myself, tried to pick up a password as I 
logged in to my mail for example, but have no idea where to look for it 
because there are like 200 files :P 

thx in advance// kenta :P


_______________________________________________
Wireshark-users mailing list
Wireshark-users@xxxxxxxxxxxxx 
http://www.wireshark.org/mailman/listinfo/wireshark-users