Outline
This course will concentrate on how to get up and running with Wireshark.
Throughout the class, Tony will determine which technical areas to focus on and review network concepts from a tactical perspective. Network basics are reinforced with hands-on examples in a collaborative environment.
Tony's famous “So What?” technique is reviewed with the students after any important concept is presented. This ensures that the students fully understand the theory or concept just presented before moving on.
The goal of the course is to empower the students with enough knowledge that they can apply it immediately when they return to work. This technique leaves them with an inclination to understand new technology and to become efficient troubleshooters.
- What is a Protocol Analyzer?
- TCP/IP Task Offload in NDIS 5
- Wireshark - Getting Started Tips
- Wireshark TCP Checksums
- Wireshark Desktop Shortcut to Start Capturing
- Windows Installation Command Line Option
- Make It Easier To Launch Wireshark
- Wireshark Edit -> Preferences
- Capture Options Dialogue Box
- Capturing From The Command Line
- Capture Filters
- Capture Stop Triggers and Ring Buffers
- Frame Display Options
- Name Resolution Notes
- Endpoints and Conversation List
- Flow Graph Statistics
- Expert Info
- Display Filters
- Follow UDP/TCP Stream
- Using Packet Bookmarks
- Composite Exporting from Wireshark into Excel for advanced reporting.
- Capture packets from the command prompt to a file
- Search packet for payload specifics
- FTP & HTTP review
- Review TCP/UDP/IP protocols
- Saving filtered packets
- Troubleshooting Using Wireshark
- Dynamic Baselining
- To ARP or not to ARP? Promiscuous ARP
- DHCP
- Route, Netstat, nbtstat
- Tracert versus Ping, Internet Control Message Protocol (ICMP)
- PMTU discovery
- Time To Live Exceeded, Fragmentation
- What is TCP Window Frozen, Almost Frozen and Window Exceeded?
- How to determine if applications or stations are overloaded?
- Lots of hands-on exercises