My latest article on Wireshark made it into Issue #143 (Oct 2012) of Linux-Pro. Cover Theme: Intrusion Prevention.
The article: Reading a packet capture file with Wireshark and tshark, 'Needle in a Haystack'.
Wireshark doesn't just work in real time. If you save a history of network activity in a pcap file using a tool such as tcpdump, you can filter the data with Wireshark to search for evidence.
Approximate on sale dates:
- UK/Europe: Sep 01
- USA/Canada: Sep 28
- Australia: Oct 29
Highlights:
New vulnerabilities appear every day. To keep your network safe, you need to think like an attacker.
Cover Stories:
- IPv6 Pen Testing: You can't rely on just your IPv4 pen test tools if IPv6 services are running on the network.
- Capture File Filtering with Wireshark: Save a history of network activity and search it later for intrusion evidence.
- OpenVAS: How safe is your network? Look for potential problems with this open source vulnerability assessment tool.
- Side Channel Attacks: Error messages and verbose log entries can tip off intruders.