Uploaded by Raneesh BR

Wireshark Course content

advertisement
WIRESHARK COURSE CONTENT
LAB 1 - HANDS-ON WITH WIRESHARK
LAB 1 - WALKTHROUGH - HANDS-ON WITH WIRESHARK
WHAT ARE WIRESHARK PROFILES AND WHY SHOULD WE
USE THEM?
CONFIGURING PROFILES, ADDING CUSTOM COLUMNS
COLORING TRAFFIC
ADJUSTING THE SCREEN LAYOUT
LAB 2 - CONFIGURING THE WIRESHARK INTERFACE
LAB 2 - WALKTHROUGH - CONFIGURING THE WIRESHARK
INTERFACE
INTRODUCTION TO WIRESHARK FILTERS
FILTERING FOR IP ADDRESSES, SOURCE OR DESTINATION
FILTERING FOR PROTOCOLS AND PORT NUMBERS
USING OPERATORS WHEN FILTERING TRAFFIC
SPECIAL OPERATORS - CONTAINS, MATCHES, AND IN
LAB: HOW TO USE SPECIAL OPERATORS WHEN FILTERING
LAB 3 - CREATING DISPLAY FILTERS IN WIRESHARK
LAB 3 - WALKTHROUGH - CREATING DISPLAY FILTERS
HOW TO CAPTURE IN A SWITCHED ENVIRONMENT - LOCAL
CAPTURE VS SPAN VS TAP
CAPTURING AT MULTIPLE LOCATIONS
CAPTURING TRAFFIC WITH THE WIRESHARK USER
INTERFACE
HOW TO CAPTURE INTERMITTENT PROBLEMS - LONG TERM
CAPTURE CONFIGURATION
HOW AND WHERE TO CAPTURE PACKETS
PACKETS AND THE OSI MODEL
ETHERNET - THE FRAME HEADER
UNICASTS VS BROADCASTS VS MULTICASTS
THE INTERNET PROTOCOL - LEARNING THE HEADER VALUES
FOLLOWING A PACKET THROUGH THE NETWORK - REENCAPSULATION
LAB 4 - ANALYZING A PACKET FROM MULTIPLE CAPTURE
POINTS
LAB 4 - WALKTHROUGH - ANALYZING A PACKET
DIGGING DEEPER INTO THE IP ID
HOW TO USE THE TTL FIELD
HOW IP FRAGMENTATION WORKS
THE IP FLAGS
WHOA! INVESTIGATING SUSPECT SCAN ACTIVITY
A LOOK AT IPV6
CONFIGURING WIRESHARK TO FIND GEOIP LOCATIONS
ANALYZING A DDOS ATTACK WITH GEOIP
LAB 5 - IS THIS SCAN AS BAD AS IT LOOKS
LAB 5 - WALKTHROUGH - IS THIS SCAN AS BAD AS IT
LOOKS?
UDP - PRACTICAL
UDP INTRO
THE UDP HEADER EXPLAINED
HOW DHCP WORKS
ANALYZING DNS
TROUBLESHOOTING VOIP AND VIDEO STREAMS
UDP REVIEW
PRACTICAL TCP - THE HANDSHAKE
HANDS-ON WITH TCP FLAGS
ANALYZING TCP OPTIONS
HOW SEQUENCE AND ACKNOWLEDGEMENT NUMBERS WORK
DIGGING INTO RETRANSMISSIONS
FINS VS RESETS
LAB 6 - IS IT THE CLIENT, NETWORK, OR SERVER?
LAB 6- WALKTHROUGH - IS IT THE CLIENT, NETWORK, OR
SERVER?
TCP ANALYSIS REVIEW
TOP 5 KNOW ISSUES IN THE NETWORK AND
TROUBLESHOOTING WITH WIRESHARK
1. SLOW APPLICATIONS RESPONSE TIME
2. HIGH NETWORK LATENCY
3. NETWORK PACKET LOSS
4. SLOW FILE TRANSFERS - TCP WINDOW PROBLEMS
5. NETWORK/APPLICATION DISCONNECTS - TCP RESETS
Download