Security Basics mailing list archives

Re: Packet analysis and protocol analysis


From: Kristine Amari <valthezeh () gmail com>
Date: Tue, 26 Jul 2005 16:08:58 -0400

I learned the majority of what I know from the following two books:

Network Intrusion Detection by Stephen Northcutt
Intrusion Signatures and Analysis by Mark Cooper

Stephen Northcutt's book gave a pretty detailed description of how
packets are organized and how to interpret them, as well as explaining
how programs like Ethereal can help you analyze network traffic.
Unfortunately, I don't know of any good free tutorials off the top of
my head.  The focus of the above two books is obviously on picking out
attacks rather than deciphering everyday traffic; hope you find this
helpful.

On 7/25/05, Ramki B <bramki () eth net> wrote:

I am trying to understand network packet analysis and experimenting with
Ethereal. I have a captured file and I do not understand the output; are
there any references I can look into for packet analysis and protocol
analysis?

Thanks...






-- 
/kristine

