In this hands-on Troubleshooting TCP/IP Networks with Wireshark Training course, you will receive in-depth training on Wireshark and TCP/IP communications analysis. You will learn to use Wireshark to identify the most common causes of performance problems in TCP/IP communications, develop a thorough understanding of how to use it efficiently to spot the primary sources of network performance problems, and prepare for the latest Wireshark Certified Network Analyst (WCNA) certification exam.

This Troubleshooting TCP/IP Networks with Wireshark Training course includes the official Wireshark study guide to help you prepare for the WCNA certification exam.

Audience/Target Group

Anyone interested in learning to troubleshoot and optimize TCP/IP networks and analyze network traffic with Wireshark, especially network engineers, information technology specialists, security analysts, and those preparing for the Wireshark Certified Network Analyst exam.

Duration: 5 days

Skills Gained:

Top 10 reasons for network performance complaints
Place the analyzer properly for traffic capture on a variety of network types
Capture packets on wired and wireless networks
Configure Wireshark for best performance and non-intrusive analysis
Navigate through, split, and work with large traffic files
Use time values to identify network performance problems
Create statistical charts and graphs to pinpoint performance issues
Filter out traffic for more efficient troubleshooting and analysis
Customize Wireshark coloring to focus on network problems faster
Use Wireshark's Expert System to understand various traffic problems
Use the TCP/IP Resolution Flowchart to identify possible communication faults
Analyze normal/abnormal Domain Name System (DNS) traffic
Analyze normal/abnormal Address Resolution Protocol (ARP) traffic
Analyze normal/abnormal Internet Protocol v4 (IPv4) traffic
Analyze normal/abnormal Internet Control Message Protocol (ICMP) traffic
Analyze normal/abnormal User Datagram Protocol (UDP) traffic
Analyze normal/abnormal Transmission Control Protocol (TCP) traffic
Analyze normal/abnormal Hypertext Transfer Protocol (HTTP/HTTPS) traffic

Course Content:

1. Introduction to Network Analysis and Wireshark

TCP/IP Analysis Checklist
Top Causes of Performance Problems
Get the Latest Version of Wireshark
Capturing Traffic
Opening Trace Files
Processing Packets
GTK Interface
The Icon Toolbar
The Changing Status Bar
Right-Click Functionality
General Analyst Resources
Your First Task When You Leave Class

2. Learn Capture Methods and Use Capture Filters

Checksum Issues at Capture
Analyze Switched Networks
Walk-Through a Sample SPAN Configuration
Analyze Full-Duplex Links with a Network TAP
Analyze Wireless Networks
Initial Analyzing Placement
Remote Capture Techniques
Available Capture Interfaces
Save Directly to Disk
Capture File Configurations
Limit Your Capture with Capture Filters
Examine Key Capture Filters

3. Customize for Efficiency: Configure Your Global Preferences

First Step: Create a Troubleshooting Profile
Customize the User Interface
Add Custom Columns for the Packet List Pane
Set Your Global Capture Preferences
Define Name Resolution Preferences
Configure Individual Protocol Preferences

4. Navigate Quickly and Focus Faster with Coloring Techniques

Move Around Quickly: Navigation Techniques
Find a Packet Based on Various Characteristics
Build Permanent Coloring Rules
Identify a Coloring Source
Apply Temporary Coloring
Mark Packets of Interest

5. Spot Network and Application Issues with Time Values and Summaries

Examine the Delta Time (End-of-Packet to End-of-Packet)
Set a Time Reference
Compare Timestamp Values
Compare Timestamps of Filtered Traffic
Enable and Use TCP Conversation Timestamps
Compare TCP Conversation Timestamp Values
Troubleshooting Example Using Time
Analyze Delay Types

6. Create and Interpret Basic Trace File Statistics

Examine Trace File Summary Information
View Active Protocols
Graph Throughput to Spot Performance Problems Quickly
Locate the Most Active Conversations and Endpoints
Other Conversation Options
Graph the Traffic Flows for a More Complete View
Numerous Other Statistics are Available
Quick Overview of VoIP Traffic Analysis Tools

7. Focus on Traffic Using Display Filters

Display Filters
Filter on Conversations/Endpoints
Build Filters Based on Packets
Display Filter Syntax
Use Comparison Operators and Advanced Filters
Filter on Text Strings
Build Filters Based on Expressions
Watch for Common Display Filter Mistakes
Manually Edit the dfilters File

8. Effectively Use Command-Line Tools

TShark and Dumpcap Command-Line Tools
Capinfos Command-Line Tool
Editcap Command-Line Tool
Mergecap Command-Line Tool
Text2pcap Command-Line Tool
Split and Merge Trace Files

9. TCP/IP Communications and Resolutions Overview

TCP/IP Functionality
When Everything Goes Right
The Multi-Step Resolution Process
Resolution Helped Build the Packet
Where Faults Can Occur
Typical Causes of Slow Performance

10. Analyze DNS Traffic

DNS Overview
DNS Packet Structure
DNS Queries
Filter on DNS Traffic
Analyze Normal/Problem DNS Traffic

11. Analyze ARP Traffic

ARP Overview
ARP Packet Structure
Filter on ARP Traffic
Analyze Normal/Problem ARP Traffic

12. Analyze IPv4 Traffic

IPv4 Overview
IPv4 Packet Structure
Analyze Broadcast/Multicast Traffic
Filter on IPv4 Traffic
IP Protocol Preferences
Analyze Normal/Problem IP Traffic

13. Analyze ICMP Traffic

ICMP Overview
ICMP Packet Structure
Filter on ICMP Traffic
Analyze Normal/Problem ICMP Traffic

14. Analyze UDP Traffic

UDP Overview
Watch for Service Refusals
UDP Packet Structure
Filter on UDP Traffic
Follow UDP Streams to Reassemble Data
Analyze Normal/Problem UDP Traffic

15. Analyze TCP Protocol

TCP Overview
The TCP Connection Process
TCP Handshake Problem
Watch Service Refusals
TCP Packet Structure
The TCP Sequencing/Acknowledgment Process
Packet Loss Detection in Wireshark
Fast Recovery/Fast Retransmission Detection in Wireshark
Retransmission Detection in Wireshark
Out-of-Order Segment Detection in Wireshark
Selective Acknowledgement (SACK)
Window Scaling
Window Size Issue: Receive Buffer Problem
Window Size Issue: Unequal Window Size Beliefs
TCP Sliding Window Overview
Troubleshoot TCP Quickly with Expert Info
Filter on TCP Traffic and TCP Problems
Properly Set TCP Preferences
Follow TCP Streams to Reassemble Data

16. Examine Advanced Trace File Statistics

Build Advanced IO Graphs
Graph Round Trip Times
Graph TCP Throughput
Find Problems Using TCP Time-Sequence Graphs

17. Analyze HTTP Traffic

HTTP Overview
HTTP Packet Structure
Filter on HTTP Traffic
Reassembling HTTP Objects
HTTP Statistics
Analyze Normal/Problem HTTP Traffic

18. Analyze SSL-Encrypted Traffic (HTTPS)

Examining SSL/HTTPS Traffic
Wireshark v1.6.0 Bug Alert #201106
Filter on SSL

19. Analyze File Transfer Protocol (FTP) Traffic

FTP Overview
FTP Packet Structure
Analyze Active Mode Connections
Analyze Passive Mode Connections
Filter on FTP Traffic
Analyze Normal/Problem FTP Traffic

20. Your 10 Key Troubleshooting Steps


