Wireshark Fundamentals (2 Days)
Skill Level: Beginner to Intermediate
This hands-on class teaches core concepts with Wireshark. Get comfortable with analyzer placement, packet capture methods, and the Wireshark user interface. Attendees will gain the skills necessary to filter and interpret the traffic that really matters. This course is available remotely or onsite, and can be customized to fit your training needs.
- Installing and configuring Wireshark
- Where to start with a new trace file
- Creating Wireshark Profiles
- Understanding Columns
- Capture Methods in a Switched Environment – Hubs, Taps, SPANs
- Capturing Traffic with Wireshark
- Creating Advanced Display Filters
- The Ethernet Frame
- ARP
- IP Core Concepts
- The IP Header
- Interpreting TTLs
- Differentiated Services
- Segmentation
- TCP Core Concepts
- The TCP Handshake
- TCP Options
- TCP Receive Window
- Retransmission Timers
- Out of Order Conditions
- TCP Flags
Digging Deeper with Wireshark (1-2 Days)
Skill Level: Intermediate to Advanced
This hands-on class goes beyond the basics and into the weeds of TCP and other core protocols.
Get an in-depth understanding of HTTP, DNS, TCP, UDP, and VoIP using both sample trace files and live captures from your environment. Available onsite or delivered remotely.
- Wireshark Command Line Tools
- TCP Advanced Topics and Filters
- Reading Sequence and Acknowledgement Numbers
- Selective Acks
- Sliding Windows
- Stream Graphs with Wireshark
- HTTP Analysis
- Command / Response Codes
- Timing Server Delay
- Timing Application Delay
- Configuring custom ports
- UDP Analysis
- Connectionless Communication
- DNS
- VoIP Analysis
- SIP Analysis
- RTP Stream Analysis
- Call Playback
- Multi-Tier Application Analysis