Packet capturing is done for a variety of reasons—performance, security, testing, and more. This chapter was meant to give you a short introduction to the essential tools of capturing and manipulating traffic. For additional resources, I strongly recommend the following books:
Wireshark & Ethereal Network Protocol Analyzer Toolkit, by Angela D. Orebaugh, Gilbert Ramirez, CISSP, and Jay Beale (Syngress).
Network Intrusion Detection, by Stephen Northcutt and Judy Novak (SAMS).
—Dave Killion