Wireshark is a free network protocol analyser. This hands-on course provides a starting point for troubleshooting networks using Wireshark. The course concentrates on the Wireshark product and students will gain from the most from this course only if they already have a sound knowledge of the TCP/IP protocols.
TCP/IP Foundation for engineers (TPTCPIP)
By the end of the course delegates will be able to:
What is Wireshark?
Protocol analysers, Wireshark features, versions, troubleshooting techniques with Wireshark.
Installing Wireshark
Downloading Wireshark, UNIX issues, Microsoft issues, the role of winpcap, promiscuous mode, installing Wireshark. Wireshark documentation and help.
Hands on Downloading and installing Wireshark.
Capturing traffic
Starting and stopping basic packet captures, the packet list pane, packet details pane, packet bytes pane, interfaces, using Wireshark in a switched architecture.
Hands on Capturing packets with Wireshark.
Troubleshooting networks with Wireshark
Common packet flows.
Hands on Analysing a variety of problems with Wireshark.
Capture filters
Capture filter expressions, capture filter examples (host, port, network, protocol, worm), primitives, combining primitives, payload matching.
Hands on Configuring capture filters.
Working with captured packets
Live packet capture, saving to a file, capture file formats, reading capture files from other analysers, merging capture files, finding packets, going to a specific packet, display filters, display filter expressions.
Hands on Saving captured data, configuring display filters.
Analysis and statistics with Wireshark
Enabling/disabling protocols, user specified decodes, following TCP streams, protocol statistics, conversation lists, endpoint lists, I/O graphs, protocol specific statistics.
Hands on Using the analysis and statistics menus.
Command line tools
Tshark, capinfos, editcap, mergecap, text2pcap, idl2eth.
Hands on Using tshark.
Advanced issues
802.11 issues, management frames, monitor mode, packet reassembling, name resolution, customising Wireshark.
Hands on Customising name resolution.
Join our public courses in our Istanbul, London and Ankara facilities. Private class trainings will be organized at the location of your preference, according to your schedule.