Laura Chappell's books?

I was digging through the old messages here and there were some messages discussing Laura Chappell's POD book series. These messages were from 2000, but I went to the site anyway and found these books. Anyone care to comment?

1) Onsite! Case Studies
2) Packet Filtering: Capture the Cool Packets! (Includes importing sample filters for Sniffer and Etherpeek)
3) Introduction to Network Analysis
4) Advanced Network Analysis

Currently I am reading Network Analysis and Troubleshooting from J. Scott Haugdahl and I think it's great. It may be redundant to also read some of Laura's books, but "Onsite!" and "Packet Filtering" seem like the two most useful books. I don't know about you guys, but my work day starts at 9:00 a.m. and I don't go home until 7:00/7:30, and sometimes I do some work from home in the late evening. *sigh* Making time to read can be rough!

Thanks,
Mark
Sr. Network Engineer
ArcLight Systems, LLC
 
I've heard 1 & 2 are good.
I've got a list of books I've thought worthwhile on my website.
My personal favorites are:
Windows 2000 TCP/IP Protocol Services Technical Reference
Microsoft Press 2002
Thomas Lee and Joseph Davies
ISBN 0-7356-0556-4

Optimizing Network Traffic (Notes from the Field)
by Microsoft Press
ISBN# 0-7356-0648-X

'Making things work better; bit by bit.'
 
I have all of these..
2) Packet Filtering: Capture the Cool Packets! (Includes importing sample filters for Sniffer and Etherpeek)
3) Introduction to Network Analysis
4) Advanced Network Analysis

I'm a training material junkie :) Laura's books are written very much in her presentation style. Somewhat light, funny but full of good useful info that can be translated into something right to blow your boss's socks off right away.

The sample filters are very useful and she stresses the point of being able to build your own filters, which is really the best advice she can offer on how to get the most out of the sniffer. With the right filter, you have a poor man's IDS.

Optimizing Network Traffic is a good one.. I had forgotten about that one. Has it been updated?

MikeS
Find me at
"Take advantage of the enemy's unreadiness, make your way by unexpected routes, and attack unguarded spots."
Sun Tzu
 
Haha, using Sniffer as a poor man's IDS? Sounds like that 'poor man' dumped his last $16,000 on Sniffer instead of that $4,000 Sidewinder he could have bought. heheh just kidding! Errr, the poor man could have also used Snort. :p

I just bought the Syngress Sniffer book so I will be reading that over the next couple of weeks, then I'll look at Packet Filtering.

On a side note, I have tried so many other sniffers and nothing compares to Sniffer for enterprise application monitoring and such. However, for security-type auditing, I think eEye Iris is really slick! Anyone tried it?

Regards,
Mark
Sr. Network Engineer
ArcLight Systems, LLC
 
Well.. after you bought the 16K Sniffer.. you are a poor man ;)

Snort is good.. but it requires another box and sometimes you don't have the option.. in my case standing in the client's office and they need to know about Kazaa usage right then, not in a few hours or days.

eEye is cool but Sniffer just released a *mega-sniffer* with something like 1.2 terabytes of disk space to catch EVERYTHING going past and then reconstruct it for you. The demo I saw reconstructed a VoIP conversation (both sides) and various web site visits. Of course this opens a can of legal issues to put it mildly and they admit as much.

MikeS
Find me at
"Take advantage of the enemy's unreadiness, make your way by unexpected routes, and attack unguarded spots."
Sun Tzu
 