Ethereal Packet Sniffingby Syngress
This book provides system administrators with all of the information as well as software they need to run Ethereal Protocol Analyzer on their networks. There are currently no other books published on Ethereal, so this book will begin with chapters covering the installation and configuration of Ethereal. From there the book quickly moves into more advanced topics such as optimizing Ethereal's performance and analyzing data output by Ethereal. Ethereal is an extremely powerful and complex product, capable of analyzing over 350 different network protocols. As such, this book also provides readers with an overview of the most common network protocols used, as well as analysis of Ethereal reports on the various protocols. The last part of the book provides readers with advanced information on using reports generated by Ethereal to both fix security holes and optimize network performance.
- Elsevier Science
- Publication date:
- Sold by:
- Barnes & Noble
- NOOK Book
- File size:
- 16 MB
- This product may take a few minutes to download.
and post it to your social network
Most Helpful Customer Reviews
See all customer reviews >
How anxious (paranoid?) are you about your network? Has a cracker taken over one of your machines and is using it to sniff your traffic? Or maybe to propagate worms, or emit spam, especially the phishing variety, which needs a server that cannot be directly owned by the phisher. For all these reasons, and as a prophylactic measure against them, sysadmins often use network analysis tools that come with their operating systems, like tcpdump under linux and unix and windump under Microsoft. But these tend to be limited in their analytic capability. A group of people wanted to improve matters. They banded together and called their product Ethereal. It is offered freely as open source, and has been tested on linux, most unixes and various Microsoft OSs. Strictly speaking, it has not been officially released. Which makes this book a little curious, on first glance. The book documents version 0.10.0, and has a CD with all the necessary code. The authors felt that pragmatically this version is stable enough and offers significantly better functionality over the alternatives. Granted, you may be trepid about installing beta code, on principle. But the authors argue persuasively that the Ethereal functionality, both in a GUI and at the command line, warrants a serious consideration by any sysadmin. Another reason to install Ethereal has to do with the case where you are already using some proprietary network analyser. If you also run Ethereal, then the two analysers act as cross checks on each other. While Ethereal may have some bugs, so too might that other product. But how might you ever know about the latter, without using Ethereal?
If you run Ethereal, you love software but hate the fact there's no real documentation. So this book is a real find. The first couple of chapters review the basics, and if you're already running Ethereal you can skip them, but once you get to the chapters on writing filters and integrating it with other apps, IDS and sniffers, you will want to read every word. The authors are all Ethereal contributors, and it's pretty clear they know their stuff. Definitely a good book.