CSI-HO-020 – Explore Packet Analysis with Wireshark Standard Edition – 3 Day


CellStream, Inc. – Telecom Consulting and Training!            

2.5-Day Instructor Led Hands On Lab Class
Available in either Web Based delivery or On-Site Delivery
Minimum 10 students – Maximum 20 students

 


What Students are saying about this class

  • “I thought the Instructor was excellent. He was keen for interaction, happy to discuss and check we understood and improve course content.”
  • “Very satisfied, is the best course I have ever done. [I]t is very well organized, the [online] lab is easy to use and very good structured. The [instructor]’s knowledge and teaching methods are awesome.”
  • “perfect training and trainer”
  • “The instructor demonstrated a broad knowledge of the tool that helped with the understanding of the classes and the resolution of doubts. He also has good communication skills that keep the attention throughout the class.”

Course Description:

Knowing the fundamentals of the Wireshark® application and how to diagnose/troubleshoot the network with a focus on the TCP/IP protocol suite is vital to anyone who is in the networking field today, whether it be Service Provider level or Enterprise level. This insightful and revealing course has been designed to focus on the layered model approach to analyze the world of IP Networking.

The course combines knowledge training and systems analysis with hands-on exercises using the Wireshark® application, backed by CellStream’s experience in networking over the last 25 years, revealing the details and capabilities in a swift, comprehensive, and understandable way.

  • “What is Wireshark and why it matters?”
  • “What must I know about troubleshooting with Wireshark that will impact my network?”
  • “How does using trace analysis in Wireshark work?”
  • “How do I maximize my network performance and understand IP networking?”

Course Objectives:

The objectives of the course are:

  • Develop a “hands-on” skill set targeted at using Wireshark with the layered network protocol stack in the following key areas:
  • Master the layered networking model and the analysis of the TCP/IP suite of protocols
    • Layer 1: Physical Interfaces
    • Layer 2: Ethernet
    • Layer 3: IPv4
    • Layer 4: UDP and TCP
  • Understand how Wireshark can help to analyze network problems
    • Learn Wireshark shortcuts, Filtering, and Profiles
    • Leverage Wireshark capabilities to maximize the tool usage
  • Comprehend how Wireshark can be used in security analysis and monitoring
  • Define the Wireshark interface, features and functions
  • Discover the details of how Wireshark works and behaves
  • Illuminate and explore the communications protocols that Wireshark exposes and analyzes
  • Reveal which Wireshark features enable us to analyze network issues and perform maintenance

 

Audience:

The target audience for this course is anyone in Internet Sales, Marketing, Engineering, Test, Customer Support, or Technical Marketing who requires a solid and complete understanding of the fundamental operations of Wireshark that can be applied to their job function.

Ideal candidates are:

  • Sales and Technical Marketing professionals that deal with the Internet
  • Operations individuals that will provide network configuration and support services
  • Network Design Engineers that need to understand Wireshark as a trouble analysis tool
  • Technical sales individuals that must be able to correlate features with functionality
  • Technical marketing individuals that want more than just a basic understanding of Wireshark
  • Network Administrators

Course Prerequisites:

This course is designed to appeal to anyone needing the skills and knowledge to use Wireshark. The ideal student will have some experience in networking and operations; however, no prior knowledge is necessary.

All students must attend with a laptop computer. If the course is held at a classroom where computers are available, the laptop computer may not be required.

Class size is limited to 20 students.

Course Materials:

Students will be provided with a Course Student Guide and a Lab Guide. Also, access to analysis captures will be provided via the CellStream Online School of Network Sciences.

Related Content:

While not required, this course should be preceded by the Hands On TCP/IP Fundamentals course, the Hands On TCP/IP and Ethernet Fundamentals course, or one of the IP Routing/Addressing 101 courses.

We offer a number of different Wireshark courses, with a focus on different use cases:

Course Outline:

Section 1: Course Introduction and Logistics

Section 2: Introduction to Wireshark®

  • LAB 1: Installation of Wireshark®
  • Purpose, Features, and Uses of Wireshark
  • Wireshark User Interface and Tool Bar Functions
  • Status Bar and Help
  • Packet Capture Views and Details
  • LAB 2: Basic Capture Lab Using Wireshark
  • Trace Files
  • Common Problems & Tips for Success
  • File Operations, Merging Capture Files
  • LAB 3: Saving and Loading TRACE Files
  • Capture Filters
  • LAB 4: Using Wireshark Capture Filters
  • Display Filters
  • LAB 5: Using Wireshark Display Filters
  • Colorizing, Marking, Ignoring Packets
  • Ring Buffer Captures
  • Summary

Section 3: Network Baselines, Protocols, and Statistics

  • Network Baselining
  • System Statistics and Summary Statistics
  • Endpoint and Conversation List
  • Protocol Hierarchy
  • Packet Length Analysis
  • The Communications Protocol Stack
  • Protocol Layers/Functions, The OSI Model
  • The TCP/IP Suite
  • TCP/IP Packet Assembly
  • I/O and Flow Graph, Applying Filters
  • Service Response Time Statistics
  • Graphing TCP Stream and Round Trip Time
  • Determining Who is Generating the Traffic
  • Summary

Section 4: Configuration and Command Line Functions

  • Where do we Install Wireshark in a Network
  • Securing Traffic Captures
  • Configuration Profiles
  • LAB 6: Custom Profile Lab
  • Name Resolution
  • Geo-IP Translations
  • Packet Reassembly
  • Checksum Verification
  • TShark Command Line Tool
  • tcpdump Command Line Tool
  • dumpcap Command Line Tool
  • mergecap Command Line Tool
  • The Lua Interpreter
  • Summary

 

Section 5: Layer 1: The Physical Layer

  • Function of Layer 1
  • Transmission Type: Simplex / Half Duplex / Full Duplex
  • T1, DS1 Super Frame, DS1 Extended Super Frame
  • Wireless Physical Layer
  • Wired Ethernet Physical Layer
  • Wireshark Physical Layer Analysis, Common Problems
  • LAB 7: Layer 1 Lab
  • Wireless PHY Analysis
  • Wireless Wi-Fi Layers
  • 802.11 Fundamentals, BSS, ESS, Standards
  • Wireless Operations, Beacons, Management Frames
  • LAB 8: Wireless data capture
  • Summary

Section 6: Layer 2: The Datalink Layer (Ethernet)

  • Ethernet Defined, Mechanisms and the OSI Model
  • Sublayers and Logical Link Control
  • Topologies
  • CSMA/CD and Full Duplex
  • Hubs and Switches
  • Ethernet Frame Formats
  • The MAC Address
  • ARP Protocol, Inverse, and Reverse ARP
  • LAB 9: Layer 2 Ethernet Lab
  • Spanning Tree, RSTP Protocols
  • LAB 10: Ethernet Spanning Tree Analysis
  • VLANs and VLAN Trunking Protocol
  • LAB 11: Ethernet VLAN and VTP Analysis
  • Summary

Section 7: Layer 3: The Network Layer – Internet Protocol (IP)

  • IP Protocol Functions, Format
  • IP Addressing, Reserved and Broadcast Addresses
  • IP Routing
  • Fragmenting Packets
  • LAB 12: IP Fragmentation
  • ICMP Protocol, Format, and Troubleshooting
  • LAB 13: ICMP Troubleshooting
  • LAB 14: Layer 3 Errors
  • Summary

Section 8: Layer 4: The Transport Layer – TCP & UDP Protocols

  • TCP Protocol Characteristics, Format
  • TCP Connection States
  • Three-Way-Handshake
  • TCP Sockets
  • TCP Segmentation
  • LAB 15: TCP Three-Way Handshake
  • Flow Control, Sliding Windows
  • Packet Loss, Re-transmission & TCP Slow Start
  • Nagle Algorithm
  • LAB 16: TCP Sliding Windows Lab
  • UDP Overview
  • LAB 17: UDP Lab
  • Summary

 

Section 9: Using Wireshark® for Troubleshooting Networks

  • Planning and Strategies
  • Wireshark Tool Set
  • Application Types, Problems
  • Network Performance, Analysis, Issues, Typical Problems
  • Bandwidth and Latency
  • TCP Performance, Tips
  • LAB: Case Study #1
  • LAB: Case Study #2
  • Optional LAB: Case Study #3
  • Summary

Course Availability:

Contact us for schedule dates and times.

View the course calendar and browse for our schedule.

 

Course Description, Content, Outline, and Instructional Design are Copyright ©CellStream, Inc.

 
