I don't get nearly as much opportunity to play with packets these days as I did in the first 5-10 years I was a handler and I miss it. I was looking back through some of my old diaries and realized that in the years since I wrote some of them, we have at least a generation of folks who have entered the field. So I thought that on (the day after) Groundhog Day, it might be time to point folks back to some stuff I wrote earlier. Note, some of the tools have changed/evolved, so ethereal is now wireshark and instead of hping3 I would probably use scapy, but here are 2 of my favorite diaries from the past. Check them out,  is from 2006 and  is from 2009.
 A packet challenge and how I solved it
Jim Clausing, GIAC GSE #26
jclausing –at– isc [dot] sans (dot) edu
(c) SANS Internet Storm Center. https://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License.