My friend wanted to know if there is a site or book that will teach him how to read hex log files from sniffers. Are there any books or sites that cover such topics in depth?
Here is a decent explanation of what the hex means/corresponds to in a sniffer log file. The FAQ doesn't go into much detail about reading the hex, but rather focuses on the ASCII output as a means of reading the hex:
From my experience, which I'm not stating is the end-all, be-all by far, the sniffer normally has a protocol analyzer built-in that does the hard work for you. Ethereal is a prime example. In fact, I believe Syngress just published a book that covers Ethereal in great detail. Your friend may want to pick it up...
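To make the hex-to-field mapping discussed in this thread concrete, here is an added example (not from any poster, and not Ethereal's code) that does by hand what a protocol analyzer does: it decodes the Ethernet II, IPv4 and TCP headers of one captured frame and renders the payload as a hex dump's ASCII column would. The frame, its addresses and the function names are constructed for illustration.

```python
import struct

# Constructed sample frame (Ethernet + IPv4 + TCP + payload) as a sniffer
# would print it in hex. Checksums are zeroed; all addresses are made up.
SAMPLE_HEX = """
00 11 22 33 44 55 66 77 88 99 aa bb 08 00 45 00
00 3a 00 01 40 00 40 06 00 00 c0 a8 01 0a c0 a8
01 14 04 d2 00 50 00 00 00 01 00 00 00 00 50 18
20 00 00 00 00 00 47 45 54 20 2f 20 48 54 54 50
2f 31 2e 30 0d 0a 0d 0a
"""
FRAME = bytes.fromhex("".join(SAMPLE_HEX.split()))

def ascii_column(data):
    """Render bytes like a hex dump's right-hand column ('.' = unprintable)."""
    return "".join(chr(b) if 32 <= b < 127 else "." for b in data)

def decode_frame(frame):
    """Decode Ethernet II / IPv4 / TCP headers from raw frame bytes."""
    if len(frame) < 14:
        raise ValueError("truncated Ethernet header")
    dst, src, ethertype = struct.unpack("!6s6sH", frame[:14])
    mac = lambda raw: ":".join("%02x" % b for b in raw)
    out = {"eth_dst": mac(dst), "eth_src": mac(src), "ethertype": ethertype}
    if ethertype != 0x0800:
        return out                      # not IPv4: stop after layer 2
    ip = frame[14:]
    if len(ip) < 20 or ip[0] >> 4 != 4:
        raise ValueError("not a complete IPv4 header")
    ihl = (ip[0] & 0x0F) * 4            # header length field counts 32-bit words
    total_len, = struct.unpack("!H", ip[2:4])
    out.update(ttl=ip[8], proto=ip[9],
               ip_src=".".join(map(str, ip[12:16])),
               ip_dst=".".join(map(str, ip[16:20])))
    tcp = ip[ihl:total_len]             # total_len trims any Ethernet padding
    if out["proto"] != 6 or ihl < 20 or len(tcp) < 20:
        return out                      # not TCP, or too short to decode
    sport, dport, seq, ack, off_flags = struct.unpack("!HHIIH", tcp[:14])
    names = ["FIN", "SYN", "RST", "PSH", "ACK", "URG"]
    out.update(sport=sport, dport=dport, seq=seq,
               flags=[n for i, n in enumerate(names) if off_flags & (1 << i)],
               payload=tcp[(off_flags >> 12) * 4:])  # data offset, in words
    return out

if __name__ == "__main__":
    info = decode_frame(FRAME)
    print(info)
    print(ascii_column(info["payload"]))
```

Reading the dump by eye follows the same offsets: bytes 12-13 (`08 00`) mark IPv4, the byte `45` that follows gives version 4 with a 20-byte header, and the ASCII column only becomes readable once the payload starts.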