Our Courses

wireshark stded2-Day Instructor Led Hands On Lab Class
Available in either Web Based Delivery or On-Site Delivery
Minimum 10 students - Maximum 20 students

What Students are saying about this class

  • “Best Wireshark course on the market – bar none!”
  • “Instructor has great depth on the topics and can present them in terms and uses examples that simplify.”
  • “The instructor ensures that the students understand the current topic before moving to the next.”
  • “The course material was well thought out, expecially the labs.”
  • “Labs were very well organized, and the content was done very well as well.”
  • “Instructor has a lot of knowledge, and is able to transmit it without becoming boring. He knows very well how to keep the attention from the audience. You are one of the best online instructors I've had, good job!”

Course Description:

Knowing the fundamentals of the Wireshark® application and how to diagnose/troubleshoot packets on the network, with a focus on the TCP/IP protocol suite is vital to anyone who is in the networking field today, whether it be Service Provider level or Enterprise level. This insightful and revealing course has been designed to focus on the packets using layered model approach to analyze the world of IP Networking.

The course is a combination of Wireshark knowledge training, systems analysis, with hands-on exercises using the Wireshark™ application, backed by CellStream’s experience in networking over the last 25 years, revealing the details and capabilities in a swift, comprehensive, and understandable way.

  • "What is Wireshark and why it matters?"
  • "What is the best way to set up Wireshark?
  • "What must I know about troubleshooting with Wireshark that will impact my network?"
  • "How does using trace analysis in Wireshark work?"
  • "How do I maximize my network performance and understand IP networking?"

Course Objectives:

The objectives of the course are:

  1. Develop a "hands-on" skill set targeted at using Wireshark with the layered network protocol stack in the following key areas:Master the layered networking model, and the analysis of the TCP/IP suite of protocols

    • Layer 1: Physical Interfaces

    • Layer 2: Ethernet

    • Layer 3: IPv4

    • Layer 4: UDP and TCP

  2. Understand how Wireshark can help to analyze network problems

    • Learn Wireshark shortcuts, Filtering, and Profiles

    • Leverage Wireshark capabilities to maximize the tool usage

  3. Comprehend how Wireshark can be used in security analysis and monitoring

  4. Define the Wireshark interface, features and functions

  5. Discover the details of how Wireshark works and behaves

  6. Illuminate and explore the communications protocols that Wireshark exposes and analyzes

  7. Reveal what Wireshark features enables us to analyze network issues, and perform maintenance

Audience:

The target audience for this course is anyone in Internet Sales, Marketing, Engineering, Test, Customer Support, Technical Marketing, that requires a solid and complete understanding of the fundamental operations of Wireshark that can be applied to their job function.

Ideal candidates are:

  • Sales and Technical Marketing professionals that deal with the Internet
  • Operations individuals that will provide network configuration and support services
  • Network Design Engineers that need to understand Wireshark as a trouble analysis tool
  • Technical sales individuals that must be able to correlate features with functionality
  • Technical marketing individuals that want more than just a basic understanding of Wireshark
  • Network Administrators

Student Comments

  • "Excellent course to go through and gave a better understanding of the Wireshark process."
  • "Excellent training, my most challenging to date, loved it, many thanks."
  • "It was very fast paced and informative, learned loads and really enjoyed the whole process."
  • "Explain tough and complex topics in a way understandable from the first attempt. Andy is really an excellent trainer"  (Andy says Thanks!)
  • "It was really a great course! I appreciate your expertise, friendliness and way of teaching!"
  • "Labs are great, especially Case Studies"

Course Prerequisites:

This course is designed to appeal to anyone needing the skills and knowledge to use Wireshark. The ideal student will have some experience in networking and operations, however no prior knowledge is necessary.

All students must attend with a lap-top computer running Windows, MAC OSX, or Linux operating systems.

If the course is held at a classroom where computers are available, the Lap-top computer may not be required.

Class size is limited to 20 students.

Course Materials:

Students will be provided with a PDF Course Student Guide. Also, access to analysis captures will be provided via the Online School of Network Science.

Related Content:

This course should be preceded with either the Hands On TCP/IP Fundamentals, Hands On TCP/IP and Ethernet Fundamentals, or one of the IP Routing/Addressing 101 courses.

We offer a number of different Wireshark courses, with a focus on different use cases:

 

Course Outline:

Section 1: Course Introduction and Logistics

Section 2: Introduction to Wireshark®

  • LAB 1: Installation of Wireshark®

  • Purpose, Features, and Uses of Wireshark

  • Wireshark User Interface and Tool Bar Functions

  • Status Bar and Help

  • Packet Capture Views and Details

  • LAB 2: Basic Capture Lab Using Wireshark

  • Trace Files

  • Common Problems & Tips for Success

  • File Operations, Merging Capture Files

  • LAB 3: Saving and Loading TRACE Files

  • Capture Filters

  • LAB 4: Using Wireshark Capture Filters

  • Display Filters

  • LAB 5: Using Wireshark Display Filters

  • Colorizing, Marking, Ignoring Packets

  • Ring Buffer Captures

  • Summary


Section 3 : Network Baselines, Protocols, and Statistics

  • Network Baselining

  • System Statistics and Summary Statistics

  • Endpoint and Conversation List

  • Protocol Hierarchy

  • Packet Length Analysis

  • The Communications Protocol Stack

  • Protocol Layers/Functions, The OSI Model

  • The TCP/IP Suite

  • TCP/IP Packet Assembly

  • I/O and Flow Graph, Applying Filters

  • Service Response Time Statistics

  • Graphing TCP Stream and Round Trip Time

  • Determining Who is Generating the Traffic

  • Summary


Section 4: Configuration and Command Line Functions

  • Where do we Install Wireshark in a Network

  • Securing Traffic Captures

  • Configuration Profiles

  • LAB 6: Custom Profile Lab

  • Name Resolution

  • Geo-IP Translations

  • Packet Reassembly

  • Checksum Verification

  • T-Shark Command Line Tool

  • tcpdump Command Line Tool

  • dumpcap Command Line Tool

  • Mergecap Command Line Tool

  • The Lua Interpreter

  • Summary

 

Section 5: Layer 1: The Physical Layer

  • Function of Layer 1

  • Transmission Type :Simplex/ Half Duplex / Full Duplex

  • T1, DS1 Super Frame, DS1 Extended Super Frame

  • Wireless Physical Layer

  • Wired Ethernet Physical Layer

  • Wireshark Physical Layer Analysis, Common Problems

  • LAB 7: Layer 1 Lab

  • Wireless PHY Analysis

  • Wireless Wi-Fi Layers

  • 802.11 Fundamentals, BSS, ESS, Standards

  • Wireless Operations, Beacons, Management Frames

  • LAB 8: Wireless data capture

  • Summary


Section 6: Layer 2: The Datalink Layer (Ethernet)

  • Ethernet Defined, Mechanisms and the OSI Model

  • Sublayers and Logical Link Control

  • Topologies

  • CSMA/CD and Full Duplex

  • Hubs and Switches

  • Ethernet Frame Formats

  • The MAC Address

  • ARP Protocol, Inverse, and Reverse ARP

  • LAB 9: Layer 2 Ethernet Lab

  • Spanning Tree, RSTP Protocols

  • LAB 10: Ethernet Spanning Tree Analysis

  • VLANs and VLAN Trunking Protocol

  • LAB 11: Ethernet VLAN and VTP Analysis

  • Summary



Section 7: Layer 3: The Network Layer - Internet Protocol (IP)

  • IP Protocol Functions, Format

  • IP Addressing, Reserved and Broadcast Addresses

  • IP Routing

  • Fragmenting Packets

  • LAB 12: IP Fragmentation

  • ICMP Protocol, Format, and Troubleshooting

  • LAB 13: ICMP Troubleshooting

  • LAB 14: Layer 3 Errors

  • Summary


Section 8: Layer 4: The Transport Layer - TCP & UDP Protocols

  • TCP Protocol Characteristics, Format

  • TCP Connection States

  • Three-Way-Handshake

  • TCP Sockets

  • TCP Segmentation

  • LAB 15: TCP Three-Way Handshake

  • Flow Control, Sliding Windows

  • Packet Loss, Re-transmission & TCP Slow Start

  • Nagle Algorithm

  • LAB 16: TCP Sliding Windows Lab

  • UDP Overview

  • LAB 17: UDP Lab

  • Summary

 

The following section is included in the materials and the online school labs, but is not covered during class time.
Section 9: Using Wireshark® for Troubleshooting Networks

  • Planning and Strategies

  • Wireshark Tool Set

  • Application Types, Problems

  • Network Performance, Analysis, Issues, Typical Problems

  • Bandwidth and Latency

  • TCP Performance, Tips

  • LAB: Case Study #1

  • LAB: Case Study #2

  • Summary

Course Availability:

Contact us for schedule dates and times.

View the course calendar and browse for our schedule.

Purchase Course Book

You can now purchase a course book directly from us without attending the class. You will receive a PDF emailed to you. We will email within 1 business day of your paid order. Sorry, we no longer offer printed materials.

Comments powered by CComment

Event Booking Mini Calendar

December   2018
S M T W T F S
            1
2 3 4 5 6 7 8
9 10 11 12 13 14 15
16 17 18 19 20 21 22
23 24 25 26 27 28 29
30 31