• Telecommunications Consulting

    Telecommunications Consulting

    Consulting Services from Network Design to Project Management Read More
  • Internetworking Training Experts

    Internetworking Training Experts

    Click on Training and then Courses. Read More
  • Wireshark Experts

    Wireshark Experts

    Packet analysis expertise is critical in today's networks, and being able to use the best packet analyzer application is a skill we can help you and your team attain. Read More
  • Are you a Network Scientist?

    Are you a Network Scientist?

    Online Learning, Instructor Led in person or Web-based delivery. Check out our online school. Read More
  • Online Certification Training

    Online Certification Training

    Find out about our Network Self Certification Program for Rural Service Providers here! Read More
  • IPv6 Experts

    IPv6 Experts

    Along with other Internet regions, ARIN is out of IPv4 Addresses. Are you IPv6 fluent? Are you IPv6 ready? Read More
  • Enabling the IoT with Wireless

    Enabling the IoT with Wireless

    Without wireless, we cannot have the Internet of Things. Read More
  • MPLS Book for iPad and iPhone

    MPLS Book for iPad and iPhone

    Get Mr. Walding's book here! Read More
  • 1
  • 2
  • 3
  • 4
  • 5
  • 6
  • 7
  • 8

Welcome to CellStream, Inc. - Telecom Consulting and Training!

Welcome to our home on the Internet, where we can not only share information, but also interact with each other. If you are a visitor to the site, there are a number of things to view: our FAQ'sNetworking and Computing Tips, our CellStream Blog, and other fun reading can all be found in the drop down menus above.  The Training menu provides access to our courses, our course calendar, and learning services.  The Consulting Menu provides information on our consulting services and a place to meet our consulting and teaching team.  Registered CellStream folks and our clients will log in using their private credentials to access projects, calendars and discussions.

Thanks for visiting! We always welcome comments and suggestions.

CellStream Logo trim plus TM 150x50  

CellStream, Inc. - Telecom Consulting and Training!            

2-Day Instructor Led Hands On Lab Class
Available in either Web Based delivery or On-Site Delivery
Minimum 10 students - Maximum 20 students

wireshark stded

What Students are saying about this class

  • “Best Wireshark course on the market – bar none!”
  • “Instructor has great depth on the topics and can present them in terms and uses examples that simplify.”
  • “The instructor ensures that the students understand the current topic before moving to the next.”
  • “The course material was well thought out, expecially the labs.”
  • “Labs were very well organized, and the content was done very well as well.”
  • “Instructor has a lot of knowledge, and is able to transmit it without becoming boring. He knows very well how to keep the attention from the audience. You are one of the best online instructors I've had, good job!”

Course Description:

Knowing the fundamentals of the Wireshark® application and how to diagnose/troubleshoot packets on the network, with a focus on the TCP/IP protocol suite is vital to anyone who is in the networking field today, whether it be Service Provider level or Enterprise level. This insightful and revealing course has been designed to focus on the packets using layered model approach to analyze the world of IP Networking.

The course is a combination of Wireshark knowledge training, systems analysis, with hands-on exercises using the Wireshark™ application, backed by CellStream’s experience in networking over the last 25 years, revealing the details and capabilities in a swift, comprehensive, and understandable way.

  • "What is Wireshark and why it matters?"
  • "What is the best way to set up Wireshark?
  • "What must I know about troubleshooting with Wireshark that will impact my network?"
  • "How does using trace analysis in Wireshark work?"
  • "How do I maximize my network performance and understand IP networking?"

Course Objectives:

The objectives of the course are:

  1. Develop a "hands-on" skill set targeted at using Wireshark with the layered network protocol stack in the following key areas:Master the layered networking model, and the analysis of the TCP/IP suite of protocols

    • Layer 1: Physical Interfaces

    • Layer 2: Ethernet

    • Layer 3: IPv4

    • Layer 4: UDP and TCP

  2. Understand how Wireshark can help to analyze network problems

    • Learn Wireshark shortcuts, Filtering, and Profiles

    • Leverage Wireshark capabilities to maximize the tool usage

  3. Comprehend how Wireshark can be used in security analysis and monitoring

  4. Define the Wireshark interface, features and functions

  5. Discover the details of how Wireshark works and behaves

  6. Illuminate and explore the communications protocols that Wireshark exposes and analyzes

  7. Reveal what Wireshark features enables us to analyze network issues, and perform maintenance


The target audience for this course is anyone in Internet Sales, Marketing, Engineering, Test, Customer Support, Technical Marketing, that requires a solid and complete understanding of the fundamental operations of Wireshark that can be applied to their job function.

Ideal candidates are:

  • Sales and Technical Marketing professionals that deal with the Internet
  • Operations individuals that will provide network configuration and support services
  • Network Design Engineers that need to understand Wireshark as a trouble analysis tool
  • Technical sales individuals that must be able to correlate features with functionality
  • Technical marketing individuals that want more than just a basic understanding of Wireshark
  • Network Administrators

Student Comments

  • "Excellent course to go through and gave a better understanding of the Wireshark process."
  • "Excellent training, my most challenging to date, loved it, many thanks."
  • "It was very fast paced and informative, learned loads and really enjoyed the whole process."
  • "Explain tough and complex topics in a way understandable from the first attempt. Andy is really an excellent trainer"  (Andy says Thanks!)
  • "It was really a great course! I appreciate your expertise, friendliness and way of teaching!"
  • "Labs are great, especially Case Studies"

Course Prerequisites:

This course is designed to appeal to anyone needing the skills and knowledge to use Wireshark. The ideal student will have some experience in networking and operations, however no prior knowledge is necessary.

All students must attend with a lap-top computer running Windows, MAC OSX, or Linux operating systems.

If the course is held at a classroom where computers are available, the Lap-top computer may not be required.

Class size is limited to 20 students.

Course Materials:

Students will be provided with a PDF Course Student Guide. Also, access to analysis captures will be provided via the Online School of Network Science.

Related Content:

This course should be preceded with either the Hands On TCP/IP Fundamentals, Hands On TCP/IP and Ethernet Fundamentals, or one of the IP Routing/Addressing 101 courses.

We offer a number of different Wireshark courses, with a focus on different use cases:


Course Outline:

Section 1: Course Introduction and Logistics

Section 2: Introduction to Wireshark®

  • LAB 1: Installation of Wireshark®

  • Purpose, Features, and Uses of Wireshark

  • Wireshark User Interface and Tool Bar Functions

  • Status Bar and Help

  • Packet Capture Views and Details

  • LAB 2: Basic Capture Lab Using Wireshark

  • Trace Files

  • Common Problems & Tips for Success

  • File Operations, Merging Capture Files

  • LAB 3: Saving and Loading TRACE Files

  • Capture Filters

  • LAB 4: Using Wireshark Capture Filters

  • Display Filters

  • LAB 5: Using Wireshark Display Filters

  • Colorizing, Marking, Ignoring Packets

  • Ring Buffer Captures

  • Summary

Section 3 : Network Baselines, Protocols, and Statistics

  • Network Baselining

  • System Statistics and Summary Statistics

  • Endpoint and Conversation List

  • Protocol Hierarchy

  • Packet Length Analysis

  • The Communications Protocol Stack

  • Protocol Layers/Functions, The OSI Model

  • The TCP/IP Suite

  • TCP/IP Packet Assembly

  • I/O and Flow Graph, Applying Filters

  • Service Response Time Statistics

  • Graphing TCP Stream and Round Trip Time

  • Determining Who is Generating the Traffic

  • Summary

Section 4: Configuration and Command Line Functions

  • Where do we Install Wireshark in a Network

  • Securing Traffic Captures

  • Configuration Profiles

  • LAB 6: Custom Profile Lab

  • Name Resolution

  • Geo-IP Translations

  • Packet Reassembly

  • Checksum Verification

  • T-Shark Command Line Tool

  • tcpdump Command Line Tool

  • dumpcap Command Line Tool

  • Mergecap Command Line Tool

  • The Lua Interpreter

  • Summary


Section 5: Layer 1: The Physical Layer

  • Function of Layer 1

  • Transmission Type :Simplex/ Half Duplex / Full Duplex

  • T1, DS1 Super Frame, DS1 Extended Super Frame

  • Wireless Physical Layer

  • Wired Ethernet Physical Layer

  • Wireshark Physical Layer Analysis, Common Problems

  • LAB 7: Layer 1 Lab

  • Wireless PHY Analysis

  • Wireless Wi-Fi Layers

  • 802.11 Fundamentals, BSS, ESS, Standards

  • Wireless Operations, Beacons, Management Frames

  • LAB 8: Wireless data capture

  • Summary

Section 6: Layer 2: The Datalink Layer (Ethernet)

  • Ethernet Defined, Mechanisms and the OSI Model

  • Sublayers and Logical Link Control

  • Topologies

  • CSMA/CD and Full Duplex

  • Hubs and Switches

  • Ethernet Frame Formats

  • The MAC Address

  • ARP Protocol, Inverse, and Reverse ARP

  • LAB 9: Layer 2 Ethernet Lab

  • Spanning Tree, RSTP Protocols

  • LAB 10: Ethernet Spanning Tree Analysis

  • VLANs and VLAN Trunking Protocol

  • LAB 11: Ethernet VLAN and VTP Analysis

  • Summary

Section 7: Layer 3: The Network Layer - Internet Protocol (IP)

  • IP Protocol Functions, Format

  • IP Addressing, Reserved and Broadcast Addresses

  • IP Routing

  • Fragmenting Packets

  • LAB 12: IP Fragmentation

  • ICMP Protocol, Format, and Troubleshooting

  • LAB 13: ICMP Troubleshooting

  • LAB 14: Layer 3 Errors

  • Summary

Section 8: Layer 4: The Transport Layer - TCP & UDP Protocols

  • TCP Protocol Characteristics, Format

  • TCP Connection States

  • Three-Way-Handshake

  • TCP Sockets

  • TCP Segmentation

  • LAB 15: TCP Three-Way Handshake

  • Flow Control, Sliding Windows

  • Packet Loss, Re-transmission & TCP Slow Start

  • Nagle Algorithm

  • LAB 16: TCP Sliding Windows Lab

  • UDP Overview

  • LAB 17: UDP Lab

  • Summary


The following section is included in the materials and the online school labs, but is not covered during class time.
Section 9: Using Wireshark® for Troubleshooting Networks

  • Planning and Strategies

  • Wireshark Tool Set

  • Application Types, Problems

  • Network Performance, Analysis, Issues, Typical Problems

  • Bandwidth and Latency

  • TCP Performance, Tips

  • LAB: Case Study #1

  • LAB: Case Study #2

  • Summary

Course Availability:

Contact us for schedule dates and times.

View the course calendar and browse for our schedule.

Purchase Course Book

You can now purchase a course book directly from us without attending the class. You will receive a PDF emailed to you. We will email within 1 business day of your paid order. Sorry, we no longer offer printed materials.

Comments powered by CComment

Our Latest Content

  • Example IPv6 Fragmentation Attack

    I want to continue my articles on IPv6 Security with an example of IPv6 Fragmentation.  Needing some training on IPv6

    Read More
  • Example IPv6 SYN Flood Attack

    As folks are becoming more focused on IPv6, developing a solid security strategy with regards to IPv6 networking is essential. 

    Read More
  • Tweaking the Wireless Interface - Power Settings, Country etc. in Linux

    I ws asked in a recent WLAN class whether you can adjust the power level in a Wi-Fi radio.  The

    Read More
  • The Evolving Networking Skill Set

    It used to be pretty simple to adopt and learn the necessary knowledge and skills for a career in the field

    Read More
  • A Terminal Version of T-Shark - we love it!

    Just introduced this week is a terminal version of T-Shark that looks like the Wireshark GUI call termshark. Why? Let's

    Read More
  • 1
  • 2
  • 3
  • 4

Our Most Popular Articles

  • What is the 'arp' command, and how can I use it?

    Let's answer the question.  If you want more details than what we have provided below, check out our chapter on

    Read More
  • Neighbor Discovery (ND) Table in IPv6 Windows, Linux and MAC Machines

    A great question I was asked in class was: "If Neighbor Discovery processes have replaced ARP in ICMPv6, how do

    Read More
  • IPv6 Windows Command Line Examples

    Here are some great Windows command line entries you can make to examine and configure IPv6 (assuming your version of

    Read More
  • A List of Network Monitoring Tools for Network and System Administrators

    Monitoring, analyzing, managing, and diagraming a network can often be a huge problem for Network and System Administrators.  They are

    Read More
  • How do I reset my "Default" profile in Wireshark?

    This is a commonly asked question that usually results from users learning the can have different profiles after they have

    Read More
  • 1
  • 2
  • 3
  • 4

Event Booking Mini Calendar

September   2019
1 2 3 4 5 6 7
8 9 10 11 12 13 14
15 16 17 18 19 20 21
22 23 24 25 26 27 28
29 30          

Subscribe to our Newsletter!

Subscribe to our monthly newsletter to learn about upcoming classes, new networking how to's and much more.

Find by Tag

4G Networks 5G Networks 6LoWLAN 6LoWPAN 802.11 802.11ah 802.11ax 802.11ay 802.11az Addressing Analysis Ansible Architecture ARP AToM Baseline BGP Bloom's Taxonomy Broadband Cable cat CellStream Cellular Central Office Cheat Sheet Chrome Cisco Cloud CMD Coloring Rules Computer Consulting Customer Support Data Center Data Networking DHCPv6 DNS Docker Documentation Dublin-Traceroute dumpcap ECMP Ethernet Ethics Evaluation Field Operations Fragmentation G-MPLS GeoIP Git GNS3 Google GQUIC Hands-On History Home Network ICMP ICMPv6 IEEE 802.11p IEEE 802.15.4 India Interface Control Internet IoT IPsec IPv4 IPv6 IRINN IS-IS L2VPN L3VPN LDP Linux LLN LoL M-BGP MAC Macro Microsoft mininet Monitoring MPLS mtr MTU Multicast Name Resolution Netcat Netmiko NetMon netsh Networking Network Science nmap Npcap NSE Observations Online School OpenFlow OSPF OSPFv2 OSPFv3 OSX OTT Paris-Traceroute Parrot PIM PMTU Policy POTS POTS to Pipes PPP Profile Programming Project Management PW3E Python QoS QUIC Remote Desktop Requirements Resume RIP Routing RPL RSVP Rural SDN Security Service Provider Small Business SONET Speed SS7 SSH SSL Subnetting SYSCTL T-Shark TCP TCP/IP Telco Telecom 101 Telecommunications Telephone termshark Testing TLS Tools Traceroute Traffic Engineering Training Travel Tunnel Ubuntu Utility Video Virtualbox Virtualization VoIP VRF VXLAN Wi-Fi Wi-Fi 4 Wi-Fi 5 Wi-Fi 6 Windows Winpcap Wireless Wireless 5G Wireshark Wireshark Tip WLAN Writing Zenmap ZigBee

Twitter Feed