I usually don’t start with this, but lately I had some time constraints that made me wonder if it is right to use so much time reading books. The Wireshark Field Guide: Analyzing and Troubleshooting Network Traffic by Robert J. Shimonski is only 149 pages long (if we cut the introduction, indexes, etc., it boils down to 128 pages). This is a really short book and I have really appreciated this fact. Wireshark is a very useful and powerful tool, but many people do not need to know everything about it. If you need to know everything about Wireshark, the best option is to download the source and read it, but this is not the case for 99.99% of the people interested in Wireshark.
After this “quantitative” introduction, let’s talk about quality. The book contains really high-quality content. It’s rare to see so many concepts so well explained in such a short text.
In my opinion, the only thing that this book is really missing is SSL/TLS. These two acronyms are never mentioned in the book and this is not good, even if I do understand that SSL/TLS is too big and complex a topic to be present in such a small book.
I would suggest this book to anyone who is interested in understanding how to use Wireshark and to anyone who needs to use Wireshark and does not want to use too much time to learn it.
You can find the book on the O’Reilly website.
Disclaimer: I received a free electronic copy of this book as part of the O’Reilly Blogger Program.