Reddit reviews Wireshark Network Analysis (Second Edition): The Official Wireshark Certified Network Analyst Study Guide
We found 4 Reddit comments about Wireshark Network Analysis (Second Edition): The Official Wireshark Certified Network Analyst Study Guide. Here are the top ones, ranked by their Reddit score.
Digital Forensic workbook is a great source for building foundational knowledge on many of the general computer forensic techniques. It covers info such as file system forensics, acquisition, software write blocking, registry analysis, email analysis, internet history analysis, recovering data in unallocated space, etc. Labs are included with the book so you can test the content learned against sample data.
Learning Malware Analysis Guides you through static analysis, dynamic analysis, using IDA pro, and other dismembers to determine the intent of malicious files.
Practical Malware Analysis
Wireshark Network Analysis
Normal person is relative. Ha! However, I can tell you Wireshark is my go to for troubleshooting complex application/network problems.
I highly recommend Laura Chappelle books. This is my favorite, well worth the cost. Wireshark Network Analysis (Second Edition): The Official Wireshark Certified Network Analyst Study Guide https://www.amazon.com/dp/B008G65O7O/ref=cm_sw_r_cp_apa_sNcFyb8ZXZ6KS
The TCP/IP Guide - It's a little dated these days and barely touches IPv6, but it's a good, quick look at a lot of the glue services that you will eventually need to understand and troubleshoot: DNS, SNMP, NTP, etc.
TCP/IP Illustrated, VOL 1 - Here's where we get into the nitty gritty. This shows you what is happening in those packets that cross the wire. Invaluable if you go onto doing Performance Engineering functions later on, but still good.
NMAP Network Scanning - NMAP is a godsend if you don't have remote login rights but you need to see what's happening on the far end of the connection.
Wireshark Network Analysis - Most useful tool in your toolbox, IF you can use it, for proving the negative to your customers. At some point you're going to be faced with an angry mob in Dockers and Polos who want to know "WHY MY THING NOT WORK?". This is the book that will let you point to their box and go "Well, as soon as the far side sends a SYN/ACK your box sends a FIN and kills the connection."
Learning the bash shell - You're a network engineer, you're going to be using Linux boxes as jump boxes for the rest of your life. Shell scripting will let you write up handy little tools to make your life easier. Boss wants to blackhole China at the edge? Write a quick script to pull all of the CN netblocks from the free FTP server APNIC owns, chop it up in sed and AWK, throw a little regex in for seasoning and you're done. And when he comes back in 30 days for an updated list? Boom, it's done even faster.
The vendor specific books are nice, but I can't tell you how many network engineers I've run across who couldn't tell me how DNS worked or how a three way handshake worked or couldn't write a simple script in Bash to bang out 300 port configs in 30 seconds. There are a shit ton of paper CCIEs out there, but those books up there will make you stand out.
Wireshark do doo dododoDOOdoot wireshark