title
Please take a moment to fill out this form. We will get back to you as soon as possible.
All fields marked with an asterisk (*) are mandatory.
Troubleshooting TCP/IP Networks with Wireshark
Course Description
Overview
In this hands-on Troubleshooting TCP/IP Networks with Wireshark course, you will receive in-depth training on Wireshark® and TCP/IP communications analysis. You will learn to use Wireshark to identify the most common causes of performance problems in TCP/IP communications. You will develop a thorough understanding of how to use Wireshark efficiently to spot the primary sources of network performance problems, and you will prepare for the latest Wireshark certification exam.Learn to use Wireshark to troubleshoot TCP/IP networks while preparing for the Wireshark Certified Network Analyst exam.
Objectives
- Top 10 reasons for network performance complaints
- Place the analyzer properly for traffic capture on a variety of network types
- Capture packets on wired and wireless networks
- Configure Wireshark for best performance and non-intrusive analysis
- Navigate through, split, and work with large traffic files
- Use time values to identify network performance problems
- Create statistical charts and graphs to pinpoint performance issues
- Filter out traffic for more efficient troubleshooting and analysis
- Customize Wireshark coloring to focus on network problems faster
- Use Wireshark's Expert System to understand various traffic problems
- Use the TCP/IP Resolution Flowchart to identify possible communication faults
- Analyze normal/abnormal Domain Name System (DNS) traffic
- Analyze normal/abnormal Address Resolution Protocol (ARP) traffic
- Analyze normal/abnormal Internet Protocol v4 (IPv4) traffic
- Analyze normal/abnormal Internet Control Messaging Protocol (ICMP) traffic
- Analyze normal/abnormal User Datagram Protocol (UDP) traffic
- Analyze normal/abnormal Transmission Control Protocol (TCP) traffic
- Analyze normal/abnormal Hypertext Transport Protocol (HTTP/HTTPS) traffic
Audience
- Anyone interested in learning to troubleshoot and optimize TCP/IP networks and analyze network traffic with Wireshark, especially network engineers, information technology specialists, security analysts, and those preparing for the Wireshark Certified Network Analyst exam.
Prerequisites
- TCP/IP Networking recommended
Topics
- TCP/IP Analysis Checklist
- Top Causes of Performance Problems
- Get the Latest Version of Wireshark
- Capturing Traffic
- Opening Trace Files
- Processing Packets
- GTK Interface
- The Icon Toolbar
- The Changing Status Bar
- Right-Click Functionality
- General Analyst Resources
- Your First Task When You Leave Class
- Checksum Issues at Capture
- Analyze Switched Networks
- Walk-Through a Sample SPAN Configuration
- Analyze Full-Duplex Links with a Network TAP
- Analyze Wireless Networks
- Initial Analyzing Placement
- Remote Capture Techniques
- Available Capture Interfaces
- Save Directly to Disk
- Capture File Configurations
- Limit Your Capture with Capture Filters
- Examine Key Capture Filters
- First Step: Create a Troubleshooting Profile
- Customize the User Interface
- Add Custom Columns for the Packet List Pane
- Set Your Global Capture Preferences
- Define Name Resolution Preferences
- Configure Individual Protocol Preferences
- Move Around Quickly: Navigation Techniques
- Find a Packet Based on Various Characteristics
- Build Permanent Coloring Rules
- Identify a Coloring Source
- Apply Temporary Coloring
- Mark Packets of Interest
- Examine the Delta Time (End-of-Packet to End-of-Packet)
- Set a Time Reference
- Compare Timestamp Values
- Compare Timestamps of Filtered Traffic
- Enable and Use TCP Conversation Timestamps
- Compare TCP Conversation Timestamp Values
- Troubleshooting Example Using Time
- Analyze Delay Types
- Examine Trace File Summary Information
- View Active Protocols
- Graph Throughput to Spot Performance Problems Quickly
- Locate the Most Active Conversations and Endpoints
- Other Conversation Options
- Graph the Traffic Flows for a More Complete View
- Numerous Other Statistics are Available
- Quick Overview of VoIP Traffic Analysis Tools
- Display Filters
- Filter on Conversations/Endpoints
- Build Filters Based on Packets
- Display Filter Syntax
- Use Comparison Operators and Advanced Filters
- Filter on Text Strings
- Build Filters Based on Expressions
- Watch for Common Display Filter Mistakes
- Manually Edit the dfilters File
- TShark and Dumpcap Command-Line Tools
- Capinfos Command-Line Tool
- Editcap Command-Line Tool
- Mergecap Command-Line Tool
- Text2pcap Command-Line Tool
- Split and Merge Trace Files
- TCP/IP Functionality
- When Everything Goes Right
- The Multi-Step Resolution Process
- Resolution Helped Build the Packet
- Where Faults Can Occur
- Typical Causes of Slow Performance
- DNS Overview
- DNS Packet Structure
- DNS Queries
- Filter on DNS Traffic
- Analyze Normal/Problem DNS Traffic
- ARP Overview
- ARP Packet Structure
- Filter on ARP Traffic
- Analyze Normal/Problem ARP Traffic
- IPv4 Overview
- IPv4 Packet Structure
- Analyze Broadcast/Multicast Traffic
- Filter on IPv4 Traffic
- IP Protocol Preferences
- Analyze Normal/Problem IP Traffic
- ICMP Overview
- ICMP Packet Structure
- Filter on ICMP Traffic
- Analyze Normal/Problem ICMP Traffic
- UDP Overview
- Watch for Service Refusals
- UDP Packet Structure
- Filter on UDP Traffic
- Follow UDP Streams to Reassemble Data
- Analyze Normal/Problem UDP Traffic
- TCP Overview
- The TCP Connection Process
- TCP Handshake Problem
- Watch Service Refusals
- TCP Packet Structure
- The TCP Sequencing/Acknowledgment Process
- Packet Loss Detection in Wireshark
- Fast Recovery/Fast Retransmission Detection in Wireshark
- Retransmission Detection in Wireshark
- Out-of-Order Segment Detection in Wireshark
- Selective Acknowledgement (SACK)
- Window Scaling
- Window Size Issue: Receive Buffer Problem
- Window Size Issue: Unequal Window Size Beliefs
- TCP Sliding Window Overview
- Troubleshoot TCP Quickly with Expert Info
- Filter on TCP Traffic and TCP Problems
- Properly Set TCP Preferences
- Follow TCP Streams to Reassemble Data
- Build Advanced IO Graphs
- Graph Round Trip Times
- Graph TCP Throughput
- Find Problems Using TCP Time-Sequence Graphs
- HTTP Overview
- HTTP Packet Structure
- Filter on HTTP Traffic
- Reassembling HTTP Objects
- HTTP Statistics
- Analyze Normal/Problem HTTP Traffic
- Examining SSL/HTTPS Traffic
- Wireshark v1.6.0 Bug Alert #201106
- Filter on SSL
- FTP Overview
- FTP Packet Structure
- Analyze Active Mode Connections
- Analyze Passive Mode Connections
- Filter on FTP Traffic
- Analyze Normal/Problem FTP Traffic
- Baseline 'NormalTraffic
- Use Color
- Look Who's Talking: Examine Conversations and Endpoints
- Focus by Filtering
- Create Basic IO Graphs
- Examine Delta Time Values
- Examine the Expert System
- Follow the Streams
- Graph Bandwidth Use, Round Trip Time, and TCP Time/Sequence Information
- Watch Refusals and Redirections
- Each section of this course includes hands-on labs to test and reinforce concepts and practice tasks.
- This course is part of the following programs or tracks: Wireshark® Certified Network Analyst
Related Courses
-
Professional Services
LQPS- Duration: 1 Day
- Delivery Format: Classroom Training, Online Training
- Price: 0.00 USD
-
Introduction to Oracle Database 12c and SQL
DBOR-950- Duration: 3 Days
- Delivery Format: Classroom Training, Online Training
- Price: 2,100.00 USD
Self-Paced Training Info
Learn at your own pace with anytime, anywhere training
- Same in-demand topics as instructor-led public and private classes.
- Standalone learning or supplemental reinforcement.
- e-Learning content varies by course and technology.
- View the Self-Paced version of this outline and what is included in the SPVC course.
- Learn more about e-Learning
Course Added To Shopping Cart
bla
bla
bla
bla
bla
bla
Self-Paced Training Terms & Conditions
Sorry, there are no classes that meet your criteria.
Please contact us to schedule a class.
STOP! Before You Leave
Save 0% on this course!
Take advantage of our online-only offer & save 0% on any course !
Promo Code skip0 will be applied to your registration