Using Wireshark to Analyze and Troubleshoot TCP/IP Networks

Using Wireshark to Analyze and Troubleshoot TCP/IP Networks is a hands-on course designed for IT professionals who want to sharpen their skills in network traffic analysis. The course blends theory with practical labs, guiding learners through capturing, filtering, and interpreting network packets using Wireshark. Participants will explore real-world scenarios involving performance bottlenecks, security threats, and protocol-specific behaviors, gaining the confidence to troubleshoot complex network issues.

Throughout the course, learners will build custom Wireshark profiles, apply advanced filtering techniques, and analyze traffic across wired and wireless networks. From identifying scanning activity and suspicious payloads to visualizing TCP trends and using command-line tools, the curriculum is structured to provide both foundational knowledge and advanced troubleshooting strategies. While not marketed as official certification prep, the course aligns well with the Wireshark Certified Analyst (WCA) exam objectives, making it a valuable resource for those pursuing certification or simply looking to deepen their expertise.

• Overview of TCP/IP Analysis
• Identifying Common Performance Issues
• Installing and Updating Wireshark
• Capturing Network Traffic
• Network Forensics Overview
• Network Forensics Techniques

• Analyzing Switched Networks
• Using Network TAPs for Full-Duplex Links
• Wireless Network Analysis
• Configuring Capture Filters
• Detect Scanning and Discovery Processes
• Detecting Scanning and Discovery Processes

• Creating a Troubleshooting Profile
• Setting Up a Custom Troubleshooting Profile
• Customizing the User Interface
• Adding Custom Columns and Configuring Preferences
• Advanced Navigation Techniques
• Building Permanent Coloring Rules
• Creating and Applying Coloring Rules
• Analyze Suspect Traffic
• Analyzing Suspect Traffic

• Examining Delta Time
• Setting Time References
• Comparing Timestamp Values
• Using TCP Conversation Timestamps
• Enabling and Analyzing TCP Conversation Timestamps
• Effective Use of Command-Line Tools
• Using Command-Line Tools for Network Analysis

• Using Display Filters
• Filtering Conversations and Endpoints
• Building Filters Based on Packets
• Building and Applying Packet-Based Filters
• TCP/IP Communications and Resolutions

• Basic understanding of networking concepts and TCP/IP protocols.
• Familiarity with network analysis tools and techniques.
• Knowledge of foundational network security principles and practices.
• Experience with packet analysis and troubleshooting (recommended).

• Network engineers, IT professionals, and cybersecurity practitioners aiming to learn network analysis and troubleshooting using Wireshark.
• Developers and administrators responsible for monitoring and managing network infrastructure effectively.
• Professionals seeking to implement best practices in network security and performance analysis with Wireshark.