Reddit reviews Practical Packet Analysis: Using Wireshark to Solve Real-World Network Problems

We found 10 Reddit comments about Practical Packet Analysis: Using Wireshark to Solve Real-World Network Problems. Here are the top ones, ranked by their Reddit score.


10 Reddit comments about Practical Packet Analysis: Using Wireshark to Solve Real-World Network Problems:

u/DucBlangis · 20 points · r/netsecstudents

Here is a "curriculum" of sorts I would suggest, as it's fairly close to how I learned:

  1. Programming. Definitely learn "C" first as all of the Exploitation and Assembly courses below assume you know C: The bible is pretty much Dennis Ritchie and Kernighan's "The C Programming Language", and here is the .pdf (this book is from 1988, I don't think anyone would mind). I actually prefer Kochan's book "Programming in C" which is very beginner friendly and was written in 2004 rather than 1988 making the language a little more "up to date" and accessible. There are plenty of "C Programming" tutorials on YouTube that you can use in conjunction with either of the aforementioned books as well. After learning C then you can try out some other languages. I personally suggest Python as it is very beginner friendly and is well documented. Ruby isn't a bad choice either.

  2. Architecture and Computer basics:
    Generally you'll probably want to look into IA-32 and the best starting point is the Intel Architecture manual itself, the .pdf can be found here (pdf link).
    Because of the depth of that .pdf I would suggest using it mainly as a reference guide while studying "Computer Systems: A Programmer's Perspective" and "Secrets of Reverse Engineering".

  3. Operating Systems: Choose which you want to dig into: Linux or Windows, and put the effort into one of them, you can come back to the other later. I would probably suggest Linux unless you are planning on specializing in Malware Analysis, in which case I would suggest Windows. Linux: No Starch's "How Linux Works" is a great beginner resource as is their "Linux Command Line" book. I would also check out "Understanding the Linux Kernel" (that's a .pdf link). For Windows you can follow the Windows Programming wiki here or you can buy the book "Windows System Programming". The Windows Internals books are generally highly regarded. I didn't learn from them, I use them more as a reference, so I can't really speak to how well they would teach a "beginner".

  4. Assembly: You can't do much better than OpenSecurityTraining's "Introductory Intel x86: Architecture, Assembly, Applications, & Alliteration" class lectures from Xeno Kovah, found here. The book "Secrets of Reverse Engineering" has a very beginner friendly introduction to Assembly as does "Hacking: The Art of Exploitation".

  5. Exploitation: OpenSecurityTraining also has a great video series for Introduction to Exploits. "Hacking: The Art of Exploitation" is a really, really good book that is completely self-contained and will walk you through the basics of assembly. The author does introduce you to C and some basic principles of Linux but I would definitely suggest learning the basics of C and Linux command line first as his teaching style is pretty "hard and fast".

  6. Specialized fields such as Cryptology and Malware Analysis.


    Of course if you just want to do "pentesting/vuln assessment" in which you rely more on toolsets (for example, Nmap>Nessus>Metasploit) structured around a methodology/framework then you may want to look into one of the PACKT books on Kali or backtrack, get familiar with the tools you will use such as Nmap and Wireshark, and learn basic Networking (a simple CompTIA Networking+ book will be a good enough start). I personally did not go this route nor would I recommend it as it generally shies away from the foundations and seems to me to be settling for becoming comfortable with tools that abstract you from the real "meat" of exploitation and all the things that make NetSec great, fun and challenging in the first place. But everyone is different and it's really more of a personal choice. (By the way, I'm not suggesting this is "lame" or anything, it was just not for me.)

    *edited a name out





u/gored_matador · 15 points · r/networking

> It's not something you can pick up from a book

It's totally something you can pick up from a book. It's not magic.

Practical Packet Analysis

u/blizz017 · 3 points · r/AskNetsec
u/d4rch0n · 2 points · r/compsci

If you're looking for an intro that will get you doing hands-on stuff quickly, I definitely recommend "Practical Packet Analysis: Using Wireshark...". Only if you want something that's far from textbook-y and will give you some insight into doing casual sysadmin type stuff. Also, "Nmap Network Scanning" will get you doing some hands-on fun activities as well. Just pay attention to local laws before doing anything that might raise red flags.

u/Lourido · 2 points · r/networking

"Practical Packet Analysis" is by far my favorite Wireshark book.

edit: I should probably mention the book was published in 2011, so some of the information is regarding older technology, but the book is still fantastic.

u/gravitized · 1 point · r/HowToHack

I just ordered Practical Packet Analysis in order to become proficient with Wireshark. I was wondering what basic (laymen) material you would recommend I read in order to understand different forms of attacks such as injecting cookies.

So much of the material easily available is very dry, and boring. (I do not find the material boring, it's more of a presentation bias[?])

u/[deleted] · 1 point · r/sysadmin
u/honcas · 1 point · r/AskNetsec

I really like the book Practical Packet Analysis

But just to get you started, try capturing traffic and then going to a website (non-ssl) like reddit.com. After loading the first page, stop the capture and take a look at it. You can search for strings you would expect in the capture, like "reddit.com" or "GET". You can start looking at the payload portion of the packets and go up to see all the layers.

u/SuperDefcon5 · 1 point · r/raspberry_pi

Here is a really good book for Wireshark: https://www.amazon.com/dp/1593272669/_encoding=UTF8?coliid=I11HBIRF55QCWX&colid=1QE51EOZ8AY1G

/r/Wireshark has some helpful posts either on the side or if you sort by top/all.

Wireshark can be intimidating at first with all the information you get, but if you follow some guides you will do well.