Wireshark Training: Advanced Network Analysis and Troubleshooting

Wireshark Training: Advanced Network Analysis and Troubleshooting

 

Wireshark Training Part 1: Wireshark Basics

• Introduction to Wireshark
• When to use Wireshark
• Where to physically connect
• Wireshark Graphical User Interface
• Capturing network traffic
• Labs:
  • Install Wireshark
  • Explore Wireshark installation
  • Capture and save network traffic
  • Understanding the packet details pane

Wireshark Training Part 2: Viewing Network Protocols with Wireshark

• Capture filters
• Display filters
• Preferences
• Time stamps
• Mark and ignore packets
• Import and export packet captures
• Labs:
  • Capture filters
  • Display filters

Wireshark Training Part 3: Analysis Tools and Troubleshooting Techniques

• Troubleshooting methodology
• Configuration profiles
• Preferences
• Creating coloring rules
• Establishing a baseline
  • Leveraging Wireshark statistical reports and graphs
• Labs:
  • Custom profile
  • Coloring rules
  • Traffic baselines

Wireshark Training Part 4: Analyzing and Troubleshooting Layer 2 Protocols

• Ethernet frames
• MAC addresses
• ARP request/response procedure
• STP
  • BPDU format
  • Bridge selection
  • Port states
• VLANs
  • 802.1Q frame encapsulation
• Labs:
  • Ethernet
  • ARP
  • STP
  • 802.1Q

Wireshark Training Part 5: Analyzing and Troubleshooting Wireless Protocols

• How to sniff wireless networks
• 802.11 WLAN traffic
  • Radiotap information
  • Beacons and network capabilities
• Bluetooth 4.0 traffic
• Sensor networks
  • 802.15.4
  • ZigBee and ZigBee Pro
• Labs:
  • RadioTap
  • IEEE 802.11
  • Bluetooth (optional)
  • 802.15.4 and ZigBee (optional)

Wireshark Training Part 6: Analyzing and Troubleshooting IP

• IPv4 header
• IPv4 address
• IP packet fragmentation
• ICMP messaging
• RPL and 6LoWPAN to support the IoT
• Labs:
  • IP
  • ICMP
  • RPL / 6LoWPAN (optional)

Wireshark Training Part 7: Analyzing and Troubleshooting TCP

• Establishing a TCP connection
• TCP header
• Port numbers and sockets
• Selective acknowledgements
• Sliding window
• Contention and advertised receiving windows
• Congestion control
• Labs:
  • TCP 3-Way Handshake
  • TCP fields
  • TCP traffic

Wireshark Training Part 8: Analyzing and Troubleshooting UDP, and Higher Level Protocols

• Compare and contrast TCP and UDP
• UDP header
• DHCP communications
• DNS process
• HTTP/HTTPS
• Labs:
  • UDP, DNS and DHCP (optional)
  • HTTP (optional)

Wireshark Training Part 9: Analyzing IoT Sensor Network Protocols (Optional)

• IEEE 802.15.4 Low Data Rate Wireless PAN
• ZigBee PRO
• ZigBee IP
• Labs:
  • 802.15.4 and ZigBee PRO
  • RPL and 6LoWPAN

Wireshark Training Part 10: Best Practices and Course Wrap-up

• Checklists
• Managing trace files
• Course recap and conclusion
• Labs:
  • Analyze a real-life capture
  • I/O graph

DCN V.mTR.f