Category Archives: Publications

Practical Packet Analysis Photo Contest

Since the latest edition of Practical Packet Analysis has been released, so many people have been sending me pictures of their copies. It’s been so amazing that I’ve decided to make a contest of it and reward those of you who bought the book and are so enthusiastic about it!

About a month ago I shared that I am developing an online packet analysis course with the same name as the book. This course officially opens in June and is packed with over 40 hours of packet analysis videos and plenty of hands-on labs and packet captures for you to play around with. You can learn more about this course here: http://chrissanders.org/training/#ppa.

This is your opportunity to win a FREE seat in the course. But, it’s only if you’ve already purchased the book. I want you to take a picture of the book and send it to me at chris@chrissanders.org with the subject “PPA Photo Contest”. Now, it’s not quite that simple. I’m going to pick the winner based on who sends me the most creative picture. That can mean taking the book to an exotic locale, a simple action shot of you using the book to dissect some packets, or even a picture of the book with your dog. The sky is the limit, just don’t do anything illegal or dangerous 🙂

The official rules:

  • Your submission must be received by midnight EST on May 10th. If you were thinking about buying the book, this gives you a chance to purchase and receive it and still take your photo.
  • Entries must be submitted directly to me at chris@chrissanders.org with the subject line “PPA Photo Contest”
  • You must have purchased a legal copy of PPA 3rd edition
  • You must consent to allow me to share your picture on social media and my blog. I won’t share them all, but I will share some of my favorites.
  • I will pick one overall winner who will receive a free seat in the PPA online course. If you are already registered for this course, you can exchange that license for a seat in my Investigation Theory course.
  • I will pick a few “honorable mention” winners who will receive discount codes for any of my courses of your choosing, or free seats in my information security writing course.

So, what if you bought an electronic copy of the book? You can still enter! Just take your picture showing the book in your e-reader application or on your tablet. However, when you submit your entry please include a receipt showing your purchase. That can be a screenshot of your amazon order page or the e-mail receipt from No Starch Press.

That’s it! The contest begins NOW and ends at midnight May 10th. I’m looking forward to seeing how creative you can be!

Introducing the Source Code Podcast

A few weeks ago on Twitter, I teased that I was working on a new podcast called “Source Code”. Creating a podcast is something I’ve always wanted to do, but I’ve never really had the opportunity to pursue it until now. There are a lot of great podcasts in the information security space already, and I’ve been fortunate enough to be guests on a couple of them. So, what makes mine different (aside from being able to make fun of my accent)?

Source Code is an information security podcast that’s all about education. Rather than simply providing technical segments or news, Source Code is focused on the people that push information security forward and battle in the trenches every day.

We interview practitioners from every facet of information security about their origin story. This includes how they go their start, how they got into the field, and the career decisions that made them successful (or slowed them down) along their path. It’s the story of their source code — what makes them tick. We also talk about current opinions on the state of security education to include what we’re doing right and what we’re doing wrong.

You’ll hear from plenty of household names you’ve heard of, as well as some people you should know about with interesting back stories and unique contributions to the field. Source Code celebrates the diversity of backgrounds that makes information security a unique place to exist.

The #1 question I get asked is “How do I get into infosec?” My hope is that through this podcast, I create a library of stories that can help answer that question by showing people that there are a ton of different ways to get started, and each one can lead to great success.

The podcast will live here: http://www.chrissanders.org/podcast

You can also subscribe to it using your favorite podcasting platform:

If you like what you hear, I’d sincerely appreciate you subscribing, “liking”, or giving a positive review of the podcast on whatever platform you use. 

The show is seasonal, and the first season will have eight episodes that will be released every other Friday (you get this one early). I have some GREAT guests lined up, so stay tuned.

I hope you enjoy it!

Practical Packet Analysis 3rd Edition Released!

Ten years after releasing the first edition of Practical Packet Analysis, the third edition is finished and has been released! It’s hard to believe it’s been so long. So far, existing editions have sold tens of thousands of copies, been translated into multiple languages, and been used as a textbook in multiple college courses. I’m very humbled by the success the book has seen over the past decade.

Purchase Here from Amazon

Purchase Here from No Starch Press

If you’ve never read Practical Packet Analysis…

the key word I want to focus on is Practical. There are a lot of books about networking and protocols out there that get into the specific details at magnified level, but this isn’t that book. This book is written for people who need to do things like solve network issues, troubleshoot latency, or investigate security threats. Capturing packets is easy, but understanding them isn’t, and PPA is designed to give you the practical knowledge you need to get started down the right path. Practical Packet Analysis was the first book of its kind a decade ago, and the approach I’ve taken is unlike any other book you’ll find on the topic.

If you’ve read one of the previous editions…

I think you’ll like the new one too. Much of the introductory material is the same, but I’ve added quite a bit of new content:

  • Updated content for Wireshark 2.
  • A new chapter on packet analysis from the command line with tshark and tcpdump.
  • A bonus chapter on how to read packets in hex using packet diagrams.
  • New protocol coverage of IPv6 and SMTP.
  • All new scenarios related to network troubleshooting, internet of things devices, and security scenarios.

Charitable Contributions from Book Sales

A significant portion of the royalties from Practical Packet Analysis will be going to support a number of charities. This includes the Rural Technology Fund, the Against Malaria Foundation, and several others. Through your purchase of my books we’ve been able to put computer science resources into the hands of over 10,000 students just last year alone, purchase life saving mosquito nets for thousands of African families, and so much more. I’m thrilled to be able to use my work to serve others, and I hope you’ll share in that joy with me.

Acknowledgements

First of all, I want to sincerely thank everyone who has ever purchased any of the prior editions. I know you work hard for your money, so I’m glad my work was deemed worthy of your contribution and your time. As I always do, I want to share the acknowledgements and dedications you’ll find in the first few pages.

I’d like to express sincere gratitude for the people who’ve supported me and the development of this book.

Ellen, thank you for your unconditional love and for putting up with me pecking away at the keyboard in bed for countless nights while you were trying to sleep.

Mom, even in death the example of kindness you set continues to motivate me. Dad, I learned what hard work was from you and none of this happens without that.

Jason Smith, you’re like a brother to me, and I can’t thank you enough for being a constant sounding board.

Regarding my coworkers past and present, I’m very fortunate to have surrounded myself with people who’ve made me a smarter, better person. There’s no way I can name everyone, but I want to sincerely thank Dustin, Alek, Martin, Patrick, Chris, Mike, and Grady for supporting me every day and embracing what it means to be servant leaders.

Thanks to Tyler Reguly who served as the primary technical editor. I make stupid mistakes sometimes, and you make me look less stupid. Also, thanks to David Vaughan for providing an extra set of eyes, Jeff Carrell for helping edit the IPv6 content, Brad Duncan for providing a capture file used in the security chapter, and the team at QA Café for providing a Cloudshark license that I used to organize the packet captures for the book.

Of course, I also have to extend thanks to Gerald Combs and the Wireshark development team. It’s the dedication of Gerald and hundreds of other developers that makes Wireshark such a great analysis platform. If it weren’t for their efforts, information technology and network security would be significantly worse off.

Finally, thanks to Bill, Serena, Anna, Jan, Amanda, Alison, and the rest of the No Starch Press staff for their diligence in editing and producing all three editions of Practical Packet Analysis.

Dedication

This time around, rather that dedicating the book to an individual, I chose to include the first verse of one of my favorite songs, “Amazing Grace”. These words have profound meaning, and they just felt right positioned as the first words you’ll read in these pages.

“Amazing grace, how sweet the sound That saved a wretch like me.
I once was lost but now I’m found. Was blind but now I see.”

Reviews

Finally, if you do end up with a copy of Practical Packet Analysis, I’m always grateful for a review on the books Amazon page. A positive review is the most meaningful way to help an author whose work you enjoyed. If you’d rather share your review with me directly, don’t hesitate to e-mail me. I’m always happy to hear your feedback.

Mailing List Availability

If you like the content on my blog, one of my presentations, or enjoyed any of my books, consider signing up for my new mailing list. You can do so here:

http://chrissanders.org/list

I’ll be using the list to occasionally collect feedback about research I’m doing and to send out preliminary research and content that won’t be appearing on the blog. If you’re interested in my work, this is a great way to contribute and benefit from it. I’ll also be sharing details about some new training content I have coming up and how you can get free or discounted access by signing up early and providing feedback. Lastly, I’ll provide information about new publications, discount codes, and the occasional free book giveaway.

Technical Book Purchases Making a Difference

All of the royalties from Practical Packet Analysis and Applied NSM are donated to public school classrooms as well as a specific group of charities. Half way through 2015, your purchases of these books funded the following:

Dupo, IL – One Apple TV
This device will allow students to broadcast tablets to the classroom and will allow for group interaction with a limited number of devices.

Ypsilanti, MI – Two Raspberry Pi starter kits  and touch screen LCDs
Will be used to teach students how to code and debug programs.

Brunswick, GA – Lego Mindstorms kit and circuit building kits
Equipment will be used for an elementary school maker space

Bassett, VA – 3D Printer
Printer will be used as a part of a Maker Space in the elementary school’s library

Orlando, FL – Four DragonTouch Tablets
These devices will allow for customized tech learning plans to be delivered to elementary school students.

Lyndonville, VT – 3D Printer
Printer will be used as a part of a new technology design class focused on STEM education

Stone Mountain, GA – Ten Raspberry Pi kits and five RC robotics kits
Used for developing a technology course to teach kids about programming and robotics

New Lothrop, MI – Two Arduino kits, red boards, soldering kits, and misc sensors
Used in high school technology classes to teach kids about electronics, soldering, and programming

Claysville, PA – Ten Arduino invention kits
Allowing middle school students to explore and invent things that will teach them about electronics, robots, and coding

Charlotte, NC – Raspberry Pi starter kit, electronics kit, invention kit
Equipment will be used to build a Maker Space in the middle school’s library.

Dunlap, IL – Ten Arduino ultimate starter kits
Kits will be used in conjunction with club activities to teach students how create digitally controlled devices

Hartford, KY – Lego Mindstorms EV3 Kit
Kit will be used to develop a middle school robotics program

In additions, cash donations were made to the following:

  • Hope for the Warriors
  • Autism Speaks
  • Hackers for Charity
  • Kiva

If you purchased a copy of one of these books, thank you for contributing to these worthwhile causes. We are using education to fund more education.