Detailed Course Outline
Features, functions and basic operation of Wireshark Analyzer
- Introduction and operation of Wireshark
- Live Capture and Live Capture settings
- Display options and basic interpretation
- Working with Display Filters and Capture Filters
- File Input and Output
Advanced features of Wireshark Analyzer
- Preferences and user profiles
- Name resolution
- Reconstructing user data – Protocol reassembly
- Packet colorization
Methodology and techniques of network analysis
- What is packet analysis?
- Steps and techniques for analyzing traffic
- Analysing Switched Ethernet - Tapping into the network
- Capturing wireless network traffic
- Measuring network delay and response time
- Measuring network throughput and overhead
Statistics and Baselining
- Baselining of networks and applications
- Wireshark statistics
Analysing networks and applications
- Typical network related problems
- Application types and typical application related problems
- "Is it the network or the application?" – Fault isolation
- Analysing and reconstructing voice traffic
Switched Ethernet analysis
- Spanning Tree operation and Spanning Tree analysis
- Analysing VLANs, VLAN-Tagging
TCP/IP analysis of the network layer
- IP addressing
- Typical IP scenarios
- IP options
- ICMP, ARP and DHCP
TCP/IP analysis of the transport layer
- TCP functions
- Session Setup, Data Transfer and Session Teardown
- Window Mechanism and Window optimization
- TCP options (SACK, Window Scaling) and TCP timers
- UDP functions
Analysing TCP/IP with Wireshark
- Wireshark preferences for advanced TCP/IP analysis
- Typical TCP/IP related problems
- Wireshark Expert Info messages and their meanings
TCP/IP applications
- HTTP
- FTP
- DNS
- SSL