I'm finding a lot of excellent material online and ebooks on how to use Wireshark from beginner to advanced, but I am not finding anything on how to actually read the information in the captures. Are there any good resources online or ebooks that actually help someone to become literate in reading what all of that packet information is actually saying and what to look out for?

asked 31 Dec '14, 20:32 araKnid
One Answer:
That's a very big pile of information you intend to swallow there. Are you really trying to understand over a thousand protocols that Wireshark can handle? I guess not. If you want to start with the most common ones (TCP/IP and friends) then I suggest getting hold of some reading material like O'Reilly's Internet Core Protocols: The Definitive Guide, or Stevens' TCP/IP Illustrated, Vol. 1: The Protocols, or the online TCP/IP guide. If that's done you should be able to base further study on the specific protocols you're faced with.

answered 02 Jan '15, 04:22 Jaap ♦