Detailed Course Outline
Functions and basic operation of Wireshark Analyzer
- Introduction and operation of the Analyzer
- Live capture and live capture settings
- Display options and analysis possibilities
- Working with Capture Filter and Display Filter
- File Input and Output
Advanced functions of Wireshark
- Settings and user profiles
- Name resolution
- Reconstruction of user data - Reassembly of the protocol
- Packet coloring
Methods and techniques for analysis and troubleshooting
- What is packet analysis?
- Steps and techniques of traffic analysis
- Ethernet switch analysis
- Recording of wireless network traffic
- Determining delay and response times
- Measuring and determining throughput and overhead
- Statistics and baselining
- Baselining of applications on the network
- Wireshark statistics
- Network problems vs. application problems
- Typical network problems
- Application types and typical application problems
- "Is it the network or the application?" - Isolation of error situations
- Analysis and reconstruction of voice traffic
Switched Ethernet Analysis
- Ethernet Analysis
- VLANs and VLAN tagging
TCP/IP analysis of the network layer
- IP Addressing
- Typical IP network problems
- IP options
- ICMP, ARP and DHCP
TCP/IP Analysis of the Transport Layer
- TCP Functions
- Session Setup, Data Transfer and Session Teardown
- Window mechanism and window optimization
- TCP options (SACK, Window Scaling) and TCP timer
- TCP graphs
- UDP functions
Analysis of TCP/IP with Wireshark
- Wireshark settings for advanced TCP/IP analysis
- Typical problems with TCP/IP
- Wireshark Expert info messages and their meaning
TCP/IP applications
- HTTP
- FTP
- DNS
- TLS