Course Overview
TOPOptimize TCP/IP networks with Wireshark . This hands-on, in-depth course provides the skills to isolate and fix network performance issues. Learn how Wireshark can solve your TCP/IP network problems by improving your ability to analyze network traffic.
Scheduled Classes
TOP09/23/24 - GVT - Virtual Classroom - Virtual Instructor-Led | |
10/07/24 - GVT - Virtual Classroom - Virtual Instructor-Led | |
10/21/24 - GVT - Virtual Classroom - Virtual Instructor-Led | |
11/04/24 - GVT - Virtual Classroom - Virtual Instructor-Led | |
01/06/25 - GVT - Virtual Classroom - Virtual Instructor-Led | |
02/24/25 - GVT - Virtual Classroom - Virtual Instructor-Led | |
03/17/25 - GVT - Virtual Classroom - Virtual Instructor-Led | |
03/17/25 - GVT - Virtual Classroom - Virtual Instructor-Led | |
04/28/25 - GVT - Virtual Classroom - Virtual Instructor-Led | |
04/28/25 - GVT - Virtual Classroom - Virtual Instructor-Led |
Outline
TOP1. Introduction to Network Analysis and Wireshark
- TCP/IP Analysis Checklist
- Top Causes of Performance Problems
- Get the Latest Version of Wireshark
- Capturing Traffic
- Opening Trace Files
- Processing Packets
- The Qt Interface Overview
- Using Linked Panes
- The Icon Toolbar
- Master the Intelligent Scrollbar
- The Changing Status Bar
- Right-Click Functionality
- General Analyst Resources
- Your First Task When You Leave Class
2. Learn Capture Methods and Use Capture Filters
- Analyze Switched Networks
- Walk-Through a Sample SPAN Configuration
- Analyze Full-Duplex Links with a Network TAP
- Analyze Wireless Networks
- USB Capture
- Initial Analyzing Placement
- Remote Capture Techniques
- Available Capture Interfaces
- Save Directly to Disk
- Capture File Configurations
- Limit Your Capture with Capture Filters
- Examine Key Capture Filters
3. Customize for Efficiency: Configure Your Global Preferences
- First Step: Create a Troubleshooting Profile
- Customize the User Interface
- Add Custom Columns for the Packet List Pane
- Set Your Global Capture Preferences
- Define Name Resolution Preferences
- Configure Individual Protocol Preferences
4. Navigate Quickly and Focus Faster with Coloring Techniques
- Move Around Quickly: Navigation Techniques
- Find a Packet Based on Various Characteristics
- Build Permanent Coloring Rules
- Identify a Coloring Source
- Use the Intelligent Scrollbar with Custom Coloring Rules
- Apply Temporary Coloring
- Mark Packets of Interest
5. Spot Network and Application Issues with Time Values and Summaries
- Examine the Delta Time (End-of-Packet to End-of-Packet)
- Set a Time Reference
- Compare Timestamp Values
- Compare Timestamps of Filtered Traffic
- Enable and Use TCP Conversation Timestamps
- Compare TCP Conversation Timestamp Values
- Determine the Initial Round Trip Time (iRTT)
- Troubleshooting Example Using Time
- Analyze Delay Types
6. Create and Interpret Basic Trace File Statistics
- Examine Trace File Summary Information
- View Active Protocols
- Graph Throughput to Spot Performance Problems Quickly
- Locate the Most Active Conversations and Endpoints
- Other Conversation Options
- Graph the Traffic Flows for a More Complete View
- Burst Statistics
- Numerous Other Statistics are Available
- Quick Overview of VoIP Traffic Analysis
- SIP and RTP Analysis Overview
- SIP Call Setup
- Analyzing Call Setup with SIP
- Session Bandwidth and RTP Port Definition
7. Focus on Traffic Using Display Filters
- Display Filters
- Filter on Conversations/Endpoints
- Build Filters Based on Packets
- Display Filter Syntax
- Use Comparison Operators and Advanced Filters
- Filter on Text Strings
- Build Filters Based on Expressions
- Watch for Common Display Filter Mistakes
- Share Your Display Filters
8. TCP/IP Communications and Resolutions Overview
- TCP/IP Functionality
- When Everything Goes Right
- The Multi-Step Resolution Process
- Resolution Helped Build the Packet
- Where Faults Can Occur
- Typical Causes of Slow Performance
9. Analyze DNS Traffic
- DNS Overview
- DNS Packet Structure
- DNS Queries
- Filter on DNS Traffic
- Analyze Normal/Problem DNS Traffic
10. Analyze ARP Traffic
- ARP Overview
- ARP Packet Structure
- Filter on ARP Traffic
- Analyze Normal/Problem ARP Traffic
11. Analyze IPv4 Traffic
- IPv4 Overview
- IPv4 Packet Structure
- Analyze Broadcast/Multicast Traffic
- Filter on IPv4 Traffic
- IP Protocol Preferences
- Analyze Normal/Problem IP Traffic
12. Analyze ICMP Traffic
- ICMP Overview
- ICMP Packet Structure
- Filter on ICMP Traffic
- Analyze Normal/Problem ICMP Traffic
13. Analyze UDP Traffic
- UDP Overview
- Watch for Service Refusals
- UDP Packet Structure
- Filter on UDP Traffic
- Follow UDP Streams to Reassemble Data
- Analyze Normal/Problem UDP Traffic
14. Analyze TCP Protocol
- TCP Overview
- The TCP Connection Process
- TCP Handshake Problem
- Watch Service Refusals
- TCP Packet Structure
- The TCP Sequencing/Acknowledgment Process
- Packet Loss Detection in Wireshark
- Fast Recovery/Fast Retransmission Detection in Wireshark
- Retransmission Detection in Wireshark
- Out-of-Order Segment Detection in Wireshark
- Selective Acknowledgement (SACK)
- Window Scaling
- Window Size Issue: Receive Buffer Problem
- Window Size Issue: Unequal Window Size Beliefs
- TCP Sliding Window Overview
- Troubleshoot TCP Quickly with Expert Info
- Filter on TCP Traffic and TCP Problems
- Properly Set TCP Preferences
- Follow TCP Streams to Reassemble Data 16. Examine Advanced Trace File Statistics
- Build Advanced IO Graphs
- Graph Round Trip Times
- Graph TCP Throughput
- Find Problems Using TCP Time-Sequence Graphs
15. Graph Traffic Characteristics
- Advanced I/O Graphing
- Graph Round Trip Times
- Graph TCP Throughput
- Find Problems Using TCP Time Sequence Graphs
16. Analyze HTTP Traffic
- HTTP Overview
- HTTP Packet Structure
- Filter on HTTP Traffic
- Reassembling HTTP Objects
- HTTP Statistics
- HTTP Response Time
- Overview of HTTP/2
- HTTP/2 Analysis Fundamentals
- HTTP /2 Frame Format
- Analyze Normal/Problem HTTP Traffic
17. Analyze TLS-Encrypted Traffic (HTTPS)
- Analyze HTTPS Traffic
- Encrypted Alerts
- Decryption Steps
- Filter on SSL
18. Review Your 10 Key Troubleshooting Steps
- Baseline "NormalTraffic
- Use Color
- Look Who's Talking: Examine Conversations and Endpoints
- Focus by Filtering
- Create Basic IO Graphs
- Examine Delta Time Values
- Examine the Expert System
- Follow the Streams
- Graph Bandwidth Use, Round Trip Time, and TCP Time/Sequence Information
- Watch Refusals and Redirections
Prerequisites
TOPWho Should Attend
TOPAnyone interested in learning to troubleshoot and optimize TCP/IP networks and analyze network traffic with Wireshark, especially network engineers, information technology specialists, security analysts, and those preparing for the Wireshark Certified Network Analyst exam.