This hands-on course provides in-depth training on Wireshark® and TCP/IP communications analysis. This course covers the use of Wireshark to identify the most common causes of performance problems in TCP/IP communications. Topics include traffic capturing techniques and analyzer placement, traffic filtering (capture/display), customized profiles, coloring rules, graphing, field interpretations and functionality of key TCP/IP communications. A strong emphasis is placed on understanding the normal behavior of ARP, DNS, IP, TCP, UDP, ICMP as well as HTTP/HTTPS. Students learn to identify latency issues, connection establishment concerns, service refusals and common indications of reconnaissance processes and breached hosts.
Course Duration
Upon completion of this course the participant will understand how to use Wireshark efficiently to spot the primary sources of network performance problems.
SNIFFING-TRACING-PROTOCOL ANALYSIS COURSE CONTENT
Chapter 1: The World of Network Analysis
Chapter 2: Introduction to Wireshark
Chapter 3: Capture Traffic
Chapter 4: Create and Apply Capture Filters
Chapter 5: Define Global and Personal Preferences
Chapter 6: Colorize Traffic
Chapter 7: Define Time Values and Interpret Summaries
Chapter 8: Interpret Basic Trace File Statistics
Chapter 9: Create and Apply Display Filters
Chapter 10: Follow Streams and Reassemble Data
Chapter 11: Customize Wireshark Profiles
Chapter 12: Annotate, Save, Export and Print Packets
Chapter 13: Use Wireshark’s Expert System
Chapter 14: TCP/IP Analysis Overview
Chapter 15: Analyze Domain Name System (DNS) Traffic
Chapter 16: Analyze Address Resolution Protocol (ARP) Traffic
Chapter 17: Analyze Internet Protocol (IPv4/IPv6) Traffic
Chapter 18: Analyze Internet Control Message Protocol (ICMPv4/ICMPv6)
Chapter 19: Analyze User Datagram Protocol (UDP) Traffic
Chapter 20: Analyze Transmission Control Protocol (TCP) Traffic
Chapter 21: Graph IO Rates and TCP Trends
Chapter 22: Analyze Dynamic Host Configuration Protocol (DHCPv4/DHCPv6) Traffic
Chapter 23: Analyze Hypertext Transfer Protocol (HTTP) Traffic
Chapter 24: Analyze File Transfer Protocol (FTP) Traffic
Chapter 25: Analyze Email Traffic
Chapter 26: Introduction to 802.11 (WLAN) Analysis
Chapter 27: Introduction to Voice over IP (VoIP) Analysis
Chapter 28: Baseline “Normal” Traffic Patterns
Chapter 29: Find the Top Causes of Performance Problems
Chapter 30: Network Forensics Overview
Chapter 31: Detect Scanning and Discovery Processes
Chapter 32: Analyze Suspect Traffic
Anyone interested in learning to troubleshoot and optimize TCP/IP networks and analyze network traffic with Wireshark, especially network engineers, information technology specialists and security analysts.