No Starch Press sent me Practical Packet Analysis, 2ed a little while back. At about 250 pages it’s a lot smaller than Chappell’s “Wireshark Network Analysis”, and more appropriate for someone who wants to get up and running quickly rather than going for a certification.

The book assumes no knowledge of Wireshark, and a basic understanding of networking. More than half the book is devoted to teaching the Wireshark interface and how the popular protocols work. So, if you don’t know anything about DNS recursion, you’ll get a taste of it here along with what it looks like in Wireshark. The first half covers everything from filtering inside Wireshark to how different protocols work.

The second half of the book follows fairly typical examples, such as decoding HTTP streams and troubleshooting the causes of network congestion. Of special interest is Chapter 10, which is about using wireshark for security analysis. This chapter is merely an introduction to a huge topic, but the author has chosen some interesting examples such as an ARP poisoning attack and analysis of a trojan horse.

One theme the author continually comes back to is appropriate placement of the analysis tool. The early chapters discuss the matter in theory, and every example in the second half has some text that analyzes the options for where to use Wireshark and where the best spot is.

Some of the highlights of the book:

• A great discussion of TCP congestion and analysis of a congestion scenario
• A good tradeoff between depth and breadth. This is a “getting started” guide/
• Uses many of the features of Wireshark in a practical context
• A good, though basic, chapter about wireless sniffing

Some of the downsides:

• No IPv6 (other than a brief mention of a host filter)
• Would have liked to see more use about IO graphs and TCP stream graphs especially when talking about congestion.

On the whole, a great book for the IT administrator who wants to quickly get started using Wireshark. Cover price is $49.95 US, Amazon.com is showing it for $30 which is a bargain.

a

I looked at two documents from Pearson and O’Reilly (links go to the catalog of PDF documents for each publisher). Both publishers coincidentally call their series “Short Cuts” and sell them for around $9.99 US (some are less). The titles I looked at were AJAX and Web Services and Lead Generation on the Web from O’Reilly, and CCVP GWGK Quick Reference Sheets and CCNP ISCW Quick Reference Sheets from Cisco Press (Pearson).

Pearson’s ShortCuts are delivered through a third party and use Adobe DRM. According to the security settings, the reader is allowed to print the document (which I did), keep the document for an unlimited amount of time, and to make 6 selections (ie copy and paste) every 30 days. There doesn’t appear to be a limit on how much can be copied and pasted at any time. Internet access is required to download and activate the book on the computer for the first time. It appears that the document can be transfered to other computers but because I only have the one Windows machine I wasn’t able to try.

Windows? Yes, this unfortunately won’t work on Linux, at least Pearson’s DRM enabled documents. OS X will work, at least according to the FAQs over on Adobe’s site.

O’Reilly’s document on the other hand is an unencrypted PDF (while there’s nothing technically stopping you from copying it, the copyright, of course, prevents you from legally doing so).

In terms of the actual layout, you can get an idea of Pearson’s from their ShortCut Sampler. I couldn’t find something similar for O’Reilly. Pearson clearly has the visual edge, colour is used, there is more whitespace used and the two column landscape layout enhances the on-screen readibility. O’Reilly’s is denser, they use more of the page, and have a portrait orientation.

In terms of quality and completeness, both were excellent. Each ShortCut delivered as promised and I thought my time was well spent reading.

AJAX and Web Services explored the use of AJAX to make REST and SOAP calls to search engines. From there it branched off into XSLT for transforming the output either server side or client side, and also the use of proxies to work within JavaScript’s security framework. The code (Perl and JavaScript) was well constructed and I really learned a lot from it. The way it was structured allowed for easy re-use of the code.

Lead Generation was an interesting mix of business and tech. I had initially thought it would be all sales based, but I found the content to be applicable for techs looking to market their services.

The ISCW exam refresher was also fairly good. I happen to be doing some editing on the Cisco Press ISCW exam prep book so I’m in a good position to judge the completeness of this one. The length of the PDF doesn’t allow for many diagrams or complex instruction, but as a refresher before writing the exam this is an excellent choice.

The GWGK exam refresher was also good. It made heavier use of diagrams and instructions than the ISCW guide, so for people that work with voice periodically this will be a good quick reference guide. The breadth of the topics in this one made it an interesting read, and worth printing out even after the exam is over with.

After studying the offerings from the two vendors, I realized it’s not a case of one over the other, just which one offers the subject you’re looking for. There is little overlap between the two, both have many AJAX titles for example, but it’s such a focused document they’re really offering different products. The only complaint I can find on the Pearson side is the DRM, not because of any philosophical reasons, but because I’m a Linux user. From O’Reilly, it doesn’t look as polished (visually) as the Pearson ones, but for 60 pages it’s not something that’s an issue.

This PDF format and smaller size means that content can come out faster. A book may take many months to write, print, and distribute, these documents can come out much faster. Because of the tight focus the author can really teach something, or solve a troubling problem. At less than ten bucks a pop and immediate delivery, these downloadable ebooks are well worth it.

a

So, trying to learn this new extension led me to Dive Into Greasemonkey, a superb online book explaining the use of this extension. A few weeks later, I received Greasemonkey Hacks by the same author and was estatic! Dive Into Greasemonkey was a great start to learning GM, it already had the feeling of the O’Reilly Hacks series, and here is a whole book by the very same author.

Maybe the tutorial-like nature of Dive Into Greasemonkey had me looking for something else in GM Hacks, but for some reason I’m having trouble “getting it”. The book starts off with some very good introductory material on GM itself, including a good tutorial on XPath usage, but GM Hacks assumes you know Javascript and the objects that Firefox uses. Having gone through Dive Into Greasemonkey I knew enough of this to get by, but I still find myself looking up reference information on websites rather than finding an explanation in the book.

The Hacks books are often a collection of many people’s scripts and it shows. There are several ways to do some things (such as iterate through all the links on a page), and the scripts in the book switch between them at will. I found one case where the choice was actually explained, but for the others I have to assume that the methods are the same and the choice is a personal preference.

Maybe I had some bad luck, but I found the index to be useless for the things I was looking for when I was developing my own scripts.

My final gripe goes back to the need for more tutorial material in the book. One of the best features of GM is the GM_xmlhttpRequest function, which lets you pull in arbitrary web pages through your script. Nowhere in the book is a description on how to use the function, just POOF, it’s there.

With the complaints above you might think I didn’t like the book. As a tutorial I think you can do better, but I look at it as 100 odd scripts to give me ideas on how I can use GM. And, as I learn more Javascript and get more experienced with GM, I’m able to pull out more and more from the sample scripts to use on my own.

The list of scripts in this book is here, and as you can see, there’s a lot of different things you can do with GM. The URL for the script is usually given so you don’t have to type it in (some are several pages long), though I noticed one that I tried to use had completely changed since the book was published.

This is a good book for someone looking to get ideas for using Greasemonkey and to pull out patterns. Those just getting into it are best to read Dive Into Greasemonkey first and maybe a good Javascript book before tackling this one, though.

(Edit Dec 25, was missing half a sentence from paragraph 5)

a

While Windows users have no problem using all the wireless gear out there, not everything is supported in Linux. Add to this the command line tools for dealing with wireless, and you have a recipe for confusion. “Linux Unwired” demystifies the Linux Wireless system, and provides guidance for purchasers to make sure that they buy the most supported equipment possible.

It should be noted early on that 802.11b is not the only thing covered in the book. The other variants (a and g) are there, in addition to IRDA (infrared), Bluetooth, and Data over Cellular. On the latter point, much of the content deals with US based providers, but it still provides a good backing on the subject for those of us outside the country.

802.11b is the main focus, taking up around half the book. It starts with a discussion of the chipsets behind the cards, and how the map to Linux support. Here is where the reader gets advice on which card to buy, or at least what to look out for when buying a card. One thing I found interesting was the WLAN driver loader, which is an inexpensive product that lets Linux load binary WLAN modules. Some cards are not supported enough in Linux to do things like WEP security, which is where this product comes in. Again, the book leads the reader around the situations when this is necessary and when it isn’t.

In addition to WEP, other methods of authentication are covered such as 802.1x authentication and 802.11i, the successor to WEP. It’s also a good example of the broad scope of the book and a focus on interoperability with existing systems, rather than assuming the reader is building everything from the ground up.

Access points take up two chapters, the first looking at how to use them with Linux. Before reading this book, I was under the impression that access points all used web browsers or telnet for configuration, but apparently some need Windows software. There are situations where people have developed software to emulate this functionality, and pointers are provided. The second of the two chapters is on building your own access point, which is a fascinating look at using micro-linux distributions and mini-x86 hardware to build access points with rich functionality (for those less adventurous or well funded, the same can be done with any old hardware). There is also a look at soldering on a serial port to a popular Linksys router to allow command line access to the underlying Linux OS.

Bluetooth and IRDA are less common uses of wireless that let computers speak to phones and PDAs. I was completely unaware of the level of support that existed in Linux until after I read these chapters. While the Bluetooth coverage was comprehensive, it went to a deeper level of detail than I thought necessary, such as a detailed breakdown of the Bluetooth stack of protocols. However, at the end, it is possible to use Bluetooth and IRDA to pull data from devices, and to connect to their resources (ie modems and databases) over the air.

I should also mention the chapter on GPS. It is fairly thin on its own, but as an addition to the 802.11b section (ie wardriving), it does well.

A couple of things stood out about this book. The first is that the target audience isn’t necessarily Linux geeks, but Linux users. You don’t have to be a Linux guru to get this stuff running, the level of detail is sufficient to get anyone who isn’t scared of a command line up and running. The second is that the authors spent a lot of time testing various hardware. Many wireless cards and Linux distributions were tested in the early chapters. Where several options for software existed, they were all looked at (such as the source vs binary drivers mentioned above). This all adds to the book’s value not only as a howto manual for wireless, but also as a guide for navigating through product and software selection.

“Linux Unwired” is perfect for anyone who wants to use wireless on Linux, be it connecting to an 802.11b network, or trying to use a cell phone to send a fax. Those looking to purchase equipment will want to go through the book first to make use of the product advice and compatibility testing.

More information is available from the O’Reilly website at http://www.oreilly.com/catalog/lnxunwired/index.html which includes a sample of chapter 3, “Getting on the network”

a

I finished going through O’Reilly’s Apache Cookbook a little while back, but it came in handy so often at work, I never brought it home to complete the review!

Like the other entries in the Cookbooks Series, the Apache Cookbook focuses on common problems, their solutions, and an explanation of the thought process behind it. For an application such as Apache, this is the perfect way to help people out.

Each recipe poses a common problem, such as how to install the web server or a module, a concise solution, and a discussion of how the solution works. Even though some solutions are “there is no solution” (such as how to log the IP address of a proxied client), the fact that it is stated as such, along with an explanation of why (either technically impossible, or no such software written) is still helpful.

The breadth of topics is good, starting out on basic installation from source, RPM, or helper scripts, moving onto logging, virtual hosts, and security, and covering more advanced topics such as proxying and url rewriting.

I found that the books treatment of logging, normally a mundane topic, was particularily good. Many of the recipes may not have had immediate practical value, such as logging cookies, but they all showed off how versatile Apache is. The procedure for logging a cookie turns out to be fairly simple, but in doing so the reader is shown the many ways that the CustomLog directive can be used. For logging proxied requests, something that this author has unsuccessfully tried to do in the past, the answer turns out to show off some Apache features that let the administrator set environment variables for the request that get picked up later in the process. Along with logging specific things, alternate methods of logging, such as SQL and Syslog, are also shown. Surprisingly, I saw no mention of what to do with the logs once they’ve hit disk, even if it were a few links to packages such as Webalizer or AWStats

Chapter 5, “Aliases, Redirecting, and Rewriting” shows some of the more powerful aspects of Apache, namely its ability to manipulate any aspect of the query. There are several practical recipes here, such as moving parts of your site to another url, mapping several URLs into one file, and so forth. This chapter shows off many of the regular expression features, not only the obvious sledgehammer of mod_rewrite, but many of the Match commands, such as RedirectMatch, and ScriptAliasMatch.

The chapter on SSL is also very helpful, guiding the user through many scenarios such as generating keys, requiring SSL for certain sections of the site, and even using client certificates.

Likewise, the chapters on proxies and performance are excellent if the topic is of interest to you, or you find yourself in need.

The book covers both Apache 1.3 and 2.0, being careful to make notes where the configurations differ.

I brought this book in to work when I first got it, which coincidentally was around the time where some of us were doing some Apache work. The book proved indispensible, answering everything from “Why does the site work with a trailing slash, but not without?” (hint, check your ServerName directive) to setting up SSL and some site redirections. This book will be close at hand the next time I have an Apache question.

Apache Cookbook combines an easy to follow writing style with a format conducive to solving problems. Anyone who works with Apache will want this book handy.

a

O’Reilly’s Hacks Series bill themselves as “Clever solutions to interesting problems”, which I’ll agree with. The topics presented in the book aren’t generally introductory topics, instead they’re solutions to specific problems that a systems administrator runs into. For the most part, the hacks are designed to make a complex and common task quicker or easier to do.

One item of note is that the book is devoted to server functions, so you’ll find few mentions of anything GUIsh.

Linux Server Hacks has 100 hacks, divided into 8 distinct topic areas. The first is “Server Basics”, covering common administrative tasks a server admin runs into. Examples here are “Finding Disk Hogs”, and the best explanation of bash filehandle redirection (ie 2>&1) I’ve come across.

Chapter 2, Revision Control, covers both RCS and CVS, with an eye to keeping version history of system files. While there is very little “clever hacking” going on here, this chapter does exemplify the specific, problem driven nature of the book, ie this isn’t a man page, it’s a concise list of instructions to accomplish a task.

Chapter 3, Backups, has some interesting hacks to make copies of data, such as how to keep web clusters in sync, quick and dirty network backups, and CD burning techniques (including copying a web site directly to CD, which isn’t recommended).

As a network guy, the next chapter, Networking, was of particular interest. The first couple of hacks on iptables are nothing new, but the rest of the chapter investigates various techniques for building tunnels between machine, and port forwarding techniques.

An important task to any administrator, Monitoring, is way more than simply running “top” (though there is a hack for that). There are several scripts and programs to watch logs, processes, network traffic, and web server usage. There is also a brilliant hack called “Cheap IP Takeover”, which lets you cluster two machines together with one taking over the ip address of another in the event of a failure.

Chapter 6, SSH, shows off some advanced features of the tool, from securing passwordless logins across multiple machines, to forwarding ports and X-Windows. Even after using SSH for years, I found some ways to be more efficient after reading these six short hacks.

I must admit that the Scripting chapter is nothing to write home about, but the next chapter, “Information servers”, has lots of handy hacks for BIND, MySQL, and Apache. Apache hacks in particular are abundant.

All told, this book contains a significant number of tips and tricks that will make an experienced administrator’s work all the more efficient. The wroting style is easy to follow, and the organization of the book makes it easy to find what you want.

One minor point of irritation, though. While there are many examples of code (shell and Perl), they are displayed completely left justified with no indentation. People reading the code to analyze it will become quickly frustrated trying to track down the ending brackets, especially in the multi-page samples.

“Linux Server Hacks” is an excellent book for the experienced admin looking to increase efficiency. There are lots of helpful pieces of information in here. This book is definately not for the newbie, however!

Check out the home page for the book for the table of contents and a handful of sample hacks.

a

If you haven’t checked out his show, “Good Eats”, I recommend that you do. If I didn’t know better, I’d swear Alton was an Engineer before he was a TV Chef, his show (and books) combine science with cooking, and is pretty entertaining to boot.

a