Description
The Course Name: TAW – Troubleshooting TCP/IP Networks with Wireshark
The Duration: 5 Days
The Overview:
The purpose of this course is to teach participants how to use Wireshark to troubleshoot TCP/IP networks.
What You Will Learn:
- Main reasons for network performance complaints
- How to place the analyzer properly for traffic capture on a variety of network types
- How to capture packets on wired and wireless networks
- How to configure Wireshark for best performance and non-intrusive analysis
- How to navigate through, split, and work with large traffic files
- How to use time values to identify network performance problems
- How to create statistical charts and graphs to pinpoint performance issues
- How to filter out traffic for more efficient troubleshooting and analysis
- How to customize Wireshark coloring to focus on network problems faster
- How to use Wireshark’s Expert System to understand various traffic problems
- How to use the TCP/IP Resolution Flowchart to identify possible communication faults
- How to analyze normal/abnormal Domain Name System (DNS) traffic
- How to analyze normal/abnormal Address Resolution Protocol (ARP) traffic
- How to analyze normal/abnormal Internet Protocol v4 (IPv4) traffic
- How to analyze normal/abnormal Internet Control Message Protocol (ICMP) traffic
- How to analyze normal/abnormal User Datagram Protocol (UDP) traffic
- How to analyze normal/abnormal Transmission Control Protocol (TCP) traffic
- How to analyze normal/abnormal Hypertext Transfer Protocol (HTTP/HTTPS) traffic
The Course Index:
1 Place the analyzer properly for traffic capture on a variety of network types
- Processing Packets
- Live capture from many different network media
2 Capture packets on wired and wireless networks
- Capturing Traffic
- Analyzer Placement
- Capture Interfaces
- Capture using a network tap
- WLAN (IEEE 802.11) capture
3 Configure Wireshark for best performance and non-intrusive analysis
- Planning the capture operation
- Verify the installation
- Configure Wireshark
- To Set Up a Capture
4 Navigate through large communication files and alter packet appearance
- File Management
- File Sets
5 Save, export, and print network analysis details
- Save packets
- Exporting data
- Printing packets
6 Use time values to identify network performance problems
- How Wireshark Measures Packet Time
- Choose the Ideal Time Display Format
- Send Trace Files Across Time Zones
- Identify Client, Server and Path Delays
- Packet time referencing
7 Filter out traffic for more efficient troubleshooting and analysis
- Filtering packets
- Building display filter expressions
- Manage filters
- Finding packets
- Export HTTP Objects
- Display HTTP Statistics
- Graph HTTP Traffic Flows
8 Create statistical charts and graphs based on network traffic
- Statistics
- The Protocol Hierarchy
- Conversations
- Endpoints
- The IO Graphs
9 Use Wireshark’s Expert System to pinpoint network problems
- Expert Information
- Errors
- Warnings and Notes
- Chats and Packet comments
- Expert Severities Filtered
- Meta Analysis and Tracing Engine (MATE)
- MATE Analysis
- PDU data extraction
- MATE’s PDU tree
- Grouping Pdus together (Gop)
- Grouping Gops together (Gog)
- Configure Gop for requests
- Separating requests from multiple users
- MATE configuration examples
10 Use the TCP/IP Resolution Flowchart to identify possible communication faults
- TCP/IP Analysis Overview
- Follow the Multi-Step Resolution Process
- Build the Packet
11 Analyze normal/abnormal Domain Name System (DNS) traffic
- DNS Message Format
- DNS Header Section
- DNS Question and Resource Record Format
- Dissecting DNS query/response
- Unusual DNS traffic
- Filter on DNS/MDNS Traffic
12 Analyze normal/abnormal Address Resolution Protocol (ARP) traffic
- ARP Header
- Analyze Gratuitous ARPs
- Analyze ARP Problems
- Filter on ARP Traffic
13 Analyze normal/abnormal Internet Protocol v4 (IPv4) traffic
- IPv4 Header
- IPv4 Header Structure
- Analyze IPv4 Problems
- IPv4 Protocol Preferences
- Troubleshoot Encrypted Communications
- Filter on IPv4 Traffic
14 Analyze normal/abnormal Internet Control Message Protocol (ICMP) traffic
- ICMP Header
- ICMP Header Structure
- Analyze Normal ICMP Traffic
- Analyze ICMP Problems
- Filter on ICMP Traffic
15 Analyze normal/abnormal Transmission Control Protocol (TCP) traffic
- TCP header
- TCP communicates
- Recovery features
- The flow control mechanism
- Analysis flags in Wireshark
- Unusual TCP traffic
- Filter on TCP Traffic
16 Analyze normal/abnormal User Datagram Protocol (UDP) traffic
- UDP Header
- UDP Packet Structure
- Normal UDP Traffic
- Unusual UDP traffic
- UDP scans
- Filter on UDP Traffic
17 Analyze normal/abnormal Dynamic Host Configuration Protocol (DHCP) traffic
- DHCP Header
- DHCP Packet Structure
- DHCP message types
- Analyze Normal DHCP Traffic
- Analyze DHCP Problems
- Filter on DHCP Traffic
18 Analyze normal/abnormal Hypertext Transfer Protocol (HTTP) traffic
- HTTP Request
- The HTTP Status Code Registry
- HTTP Response
- Unusual HTTP traffic
- HTTP redirection
- Filter on HTTP Traffic
19 Analyze normal/abnormal Telnet traffic
20 Analyze normal/abnormal File Transfer Protocol (FTP) traffic
- File Transfer Protocol (FTP)
- Dissecting FTP communications
- Dissecting FTP packets
- Reassembling the FTP
- Unusual FTP
- Filter on FTP Traffic
21 Analyze normal/abnormal Post Office Protocol (POP) traffic
- POP3 Packet Structure
- POP3 Communications
- Usual POP3 traffic
- Usual POP3 traffic encrypted connection
- Analyze POP Problems
- Filter on POP3 Traffic
22 Analyze normal/abnormal Simple Mail Transfer Protocol (SMTP) traffic
- SMTP Packet Structure
- SMTP Communications
- Usual SMTP traffic
- Unusual SMTP traffic
- Filter on SMTP Traffic