WIRESHARK COURSE CONTENT LAB 1 - HANDS-ON WITH WIRESHARK LAB 1 - WALKTHROUGH - HANDS-ON WITH WIRESHARK WHAT ARE WIRESHARK PROFILES AND WHY SHOULD WE USE THEM? CONFIGURING PROFILES, ADDING CUSTOM COLUMNS COLORING TRAFFIC ADJUSTING THE SCREEN LAYOUT LAB 2 - CONFIGURING THE WIRESHARK INTERFACE LAB 2 - WALKTHROUGH - CONFIGURING THE WIRESHARK INTERFACE INTRODUCTION TO WIRESHARK FILTERS FILTERING FOR IP ADDRESSES, SOURCE OR DESTINATION FILTERING FOR PROTOCOLS AND PORT NUMBERS USING OPERATORS WHEN FILTERING TRAFFIC SPECIAL OPERATORS - CONTAINS, MATCHES, AND IN LAB: HOW TO USE SPECIAL OPERATORS WHEN FILTERING LAB 3 - CREATING DISPLAY FILTERS IN WIRESHARK LAB 3 - WALKTHROUGH - CREATING DISPLAY FILTERS HOW TO CAPTURE IN A SWITCHED ENVIRONMENT - LOCAL CAPTURE VS SPAN VS TAP CAPTURING AT MULTIPLE LOCATIONS CAPTURING TRAFFIC WITH THE WIRESHARK USER INTERFACE HOW TO CAPTURE INTERMITTENT PROBLEMS - LONG TERM CAPTURE CONFIGURATION HOW AND WHERE TO CAPTURE PACKETS PACKETS AND THE OSI MODEL ETHERNET - THE FRAME HEADER UNICASTS VS BROADCASTS VS MULTICASTS THE INTERNET PROTOCOL - LEARNING THE HEADER VALUES FOLLOWING A PACKET THROUGH THE NETWORK - REENCAPSULATION LAB 4 - ANALYZING A PACKET FROM MULTIPLE CAPTURE POINTS LAB 4 - WALKTHROUGH - ANALYZING A PACKET DIGGING DEEPER INTO THE IP ID HOW TO USE THE TTL FIELD HOW IP FRAGMENTATION WORKS THE IP FLAGS WHOA! INVESTIGATING SUSPECT SCAN ACTIVITY A LOOK AT IPV6 CONFIGURING WIRESHARK TO FIND GEOIP LOCATIONS ANALYZING A DDOS ATTACK WITH GEOIP LAB 5 - IS THIS SCAN AS BAD AS IT LOOKS LAB 5 - WALKTHROUGH - IS THIS SCAN AS BAD AS IT LOOKS? UDP - PRACTICAL UDP INTRO THE UDP HEADER EXPLAINED HOW DHCP WORKS ANALYZING DNS TROUBLESHOOTING VOIP AND VIDEO STREAMS UDP REVIEW PRACTICAL TCP - THE HANDSHAKE HANDS-ON WITH TCP FLAGS ANALYZING TCP OPTIONS HOW SEQUENCE AND ACKNOWLEDGEMENT NUMBERS WORK DIGGING INTO RETRANSMISSIONS FINS VS RESETS LAB 6 - IS IT THE CLIENT, NETWORK, OR SERVER? LAB 6- WALKTHROUGH - IS IT THE CLIENT, NETWORK, OR SERVER? TCP ANALYSIS REVIEW TOP 5 KNOW ISSUES IN THE NETWORK AND TROUBLESHOOTING WITH WIRESHARK 1. SLOW APPLICATIONS RESPONSE TIME 2. HIGH NETWORK LATENCY 3. NETWORK PACKET LOSS 4. SLOW FILE TRANSFERS - TCP WINDOW PROBLEMS 5. NETWORK/APPLICATION DISCONNECTS - TCP RESETS