Using Wireshark to Analyze and Troubleshoot TCP/IP Networks

- Network engineers, IT professionals, and cybersecurity practitioners aiming to learn network analysis and troubleshooting using Wireshark.

- Developers and administrators responsible for monitoring and managing network infrastructure effectively.

- Professionals seeking to implement best practices in network security and performance analysis with Wireshark

• Explain the purpose of network analysis and the role of Wireshark in troubleshooting, optimization, and security.
• Describe Wireshark's functionality, including installation, configuration, and navigation.
• Capture network traffic on wired and wireless networks, and apply capture filters to isolate specific traffic.
• Analyze TCP/IP communications, including DNS, ARP, IPv4/IPv6, ICMP, UDP, and TCP traffic.
• Create and apply display filters to focus on specific packets and interpret trace file statistics.
• Follow streams and reassemble data for deeper analysis of conversations.
• Customize Wireshark profiles for different analysis scenarios.
• Annotate, save, export, and print packets for documentation and further analysis.
• Use Wireshark’s expert system to identify and troubleshoot network issues.
• Graph IO rates and TCP trends to visualize network performance.
• Detect scanning and discovery processes, and analyze suspect traffic for security purposes.
• Effectively use command-line tools for advanced network analysis.
  

Introduction to Network Analysis and Wireshark  

• Overview of TCP/IP Analysis
• Identifying Common Performance Issues
• Installing and Updating Wireshark
• Capturing Network Traffic
• Network Forensics Overview
• Network Forensics Techniques  

Capture Methods and Filters  

• Analyzing Switched Networks
• Using Network TAPs for Full-Duplex Links
• Wireless Network Analysis
• Configuring Capture Filters
• Detect Scanning and Discovery Processes
• Detecting Scanning and Discovery Processes

Customization and Advanced Navigation  

• Creating a Troubleshooting Profile
• Setting Up a Custom Troubleshooting Profile
• Customizing the User Interface
• Adding Custom Columns and Configuring Preferences
• Advanced Navigation Techniques
• Building Permanent Coloring Rules
• Creating and Applying Coloring Rules
• Analyze Suspect Traffic
• Analyzing Suspect Traffic

Time Values, Summaries, and Basic Statistics  

• Examining Delta Time
• Setting Time References
• Comparing Timestamp Values
• Using TCP Conversation Timestamps
• Enabling and Analyzing TCP Conversation Timestamps
• Effective Use of Command-Line Tools
• Using Command-Line Tools for Network Analysis

Protocol-Specific Traffic Analysis and Troubleshooting  

• Using Display Filters
• Filtering Conversations and Endpoints
• Building Filters Based on Packets
• Building and Applying Packet-Based Filters
• TCP/IP Communications and Resolutions

• Basic understanding of networking concepts and TCP/IP protocols.
• Familiarity with network analysis tools and techniques.
• Knowledge of foundational network security principles and practices.
• Experience with packet analysis and troubleshooting (recommended).

• GK3150 - Understanding Networking Fundamentals
• GK9025 - TCP/IP Networking