What this book covers

Chapter 1, Appreciating Traffic Analysis, describes the countless places and reasons to conduct packet analysis. In addition to this, we'll cover the many benefits of using Wireshark, open source software that includes many rich features.

Chapter 2, Using Wireshark NG, starts with an overview of the beginnings of today's Wireshark. We'll examine the interface and review the phases of packet analysis. Finally, we'll cover the built-in tools, with a closer look at tshark (or terminal-based Wireshark), a lightweight alternative to Wireshark.

Chapter 3, Installing Wireshark on a PC or macOS, illustrates how Wireshark provides support for different operating systems (OSes). We'll compare the different capture engines, walk through a standard Windows installation, and then review the resources available at https://www.wireshark.org/.

Chapter 4, Exploring the Wireshark Interface, provides a deeper dive into some of the common elements of Wireshark to improve your workflow. We'll investigate the welcome screen and common menu choices, such as File, Edit, and View, so that you can easily navigate the interface during an analysis.

Chapter 5, Tapping into the Data Stream, starts with a comparison of the different network architectures and then moves on to the various capture options. You'll discover the conversations and endpoints you'll see when tapping into the stream, and then learn about the importance of baselining network traffic.

Chapter 6, Personalizing the Interface, helps you to realize all the ways you can customize the many aspects of the interface. You'll learn how to personalize the layout and general appearance, create a tailored configuration profile, adjust the columns, font, and color, and create buttons.

Chapter 7, Using Display and Capture Filters, helps to make examining a packet capture less overwhelming. We'll take a look at how to narrow your scope by filtering network traffic. We'll compare and contrast display and capture filters. We'll conclude with a good look at the expression builder, and discover the shortcuts used to build filters.

Chapter 8, Outlining the OSI Model, provides an overview of the OSI model, a seven-layer framework that outlines how the OS prepares data for transport on the network. We'll review the purpose, protocols, and Protocol Data Units (PDUs) of each layer, explore the encapsulation process, and demonstrate the frame formation in Wireshark. 

Chapter 9, Decoding TCP and UDP, is a deep dive into two of the key protocols in the transport layer: the Transmission Control Protocol (TCP) and the User Datagram Protocol (UDP). We'll review the purpose of the transport layer and then evaluate the header and field values of both TCP and UDP.

Chapter 10, Managing TCP Connections, begins by examining the three-way handshake. We'll discover the TCP options, get a better understanding of the TCP protocol preferences, and then conclude with an overview of the TCP teardown process.

Chapter 11, Analyzing IPv4 and IPv6, provides a solid understanding of the purpose of the Internet Protocol (IP). We'll outline IPv4 and the header fields and then explore IPv6 along with the streamlined header. We'll take a look at the protocol preferences, and see how IPv4 and IPv6 can coexist by using tunneling protocols.

Chapter 12, Discovering ICMP, details the purpose of the Internet Control Message Protocol (ICMP). We'll dissect ICMP and ICMPv6 and compare query and error messages. We'll look at the ICMP type and code values. We'll cover how ICMP can be used in malicious ways and outline the importance of configuring firewall rules.

Chapter 13, Understanding ARP, takes a closer look at the Address Resolution Protocol (ARP), which is a significant protocol in delivering data. We'll outline the role and purpose of ARP, explore the header and fields, describe the different types of ARP, and take a brief look at ARP attacks.

Chapter 14, Troubleshooting Latency Issues, outlines how even a beginner can diagnose network problems. We'll explore the coloring rules and the Intelligent Scrollbar, and then conclude with an overview of the expert system, which subdivides the alerts into categories and guides you through a more targeted evaluation.

Chapter 15, Subsetting, Saving, and Exporting Captures, helps you to discover the many different ways in which to break down a packet capture into smaller files for analysis. We'll cover the different options when saving a file; discover ways to export components, such as objects, session keys, and packet bytes; and then outline why and how to add comments.

Chapter 16, Using CloudShark for Packet Analysis, covers CloudShark, which is an online application that is similar to Wireshark. You'll learn how to filter traffic and generate graphs. We'll then review how you can share captures with colleagues, and show you where you can find sample captures so that you can continue improving your skills.
