Packet Analysis with Wireshark

The Packet Analyzer

Wireshark is the de facto standard network packet analyser. It is used for protocol analysis, network troubleshooting, locating delays and latency in the network, and much more. It is an open source, cross-platform packet capture and analysis tool, available for Windows, macOS and Linux.

Training Modes

Participants do extensive packet analysis exercises during the training.

We provide all the pcap files needed for a thorough understanding of each protocol's structure, and every participant captures live packets and analyses them during the training.

In the troubleshooting lab sessions participants are given case studies: they analyse the issues in the supplied pcap files and answer questions about them, which strengthens their analytical skill with Wireshark.

Course Material

We provide our own course material, authored by the trainer A.K.Asokan:
50 labs, step by step, with our own pcap files, in colour print.

Hands on Labs

Lab 1: Creating troubleshooting profiles

Lab 2: Selecting a capture interface and creating the first pcap file

Lab 3: Using capture filters

Lab 4: Filtering low TTL value packets

Lab 5: Find, mark and save packets of interest

Lab 6: Navigating the menus and status bar

Lab 7: Finding a text string in a trace file

Lab 8: Configuring global preferences

Lab 9: Merging multiple trace files

Lab 10: Creating display filters

Lab 11: Creating a colouring rule to detect specific traffic

Lab 12: Ring buffer capture and working with file sets

Lab 13: Creating filter expression buttons

Lab 14: Analyzing Address Resolution Protocol (ARP)

Lab 15: Analyzing Internet Control Message Protocol (ICMP)

Lab 16: Analyzing the IPv4 structure and filtering on a range of IPv4 addresses

Lab 17: Analyzing User Datagram Protocol (UDP)

Lab 18: Analyzing Transmission Control Protocol (TCP)

Lab 19: Analyzing Dynamic Host Configuration Protocol (DHCP)

Lab 20: Analyzing Domain Name System (DNS)

Lab 21: Analyzing Hypertext Transfer Protocol (HTTP/HTTPS)

Lab 22: Analyzing File Transfer Protocol (FTP)

Lab 23: Understanding columns and time value evaluation

Lab 24: Following a TCP stream

Lab 25: Reconstructing a TCP stream

Lab 26: Recovering cleartext usernames and passwords from a trace

Lab 27: Building and saving filters based on packets

Lab 28: Analyzing Expert Information

Lab 29: Round trip time: TCP three-way handshake analysis

Lab 30: Analyzing the double-headed ICMP packet (ICMP error messages that carry the original IP header)

Lab 31: Filtering on TCP flags

Lab 32: Filtering on IP flags

Lab 33: Filtering on DNS flags

Lab 34: Enabling TCP conversation timestamps and sequence number analysis

Lab 35: Filtering and analyzing DNS errors and error codes

Lab 36: Filtering latency issues

Lab 37: Using the frame.time_delta filter

Lab 38: Troubleshooting with the Time column

Lab 39: Understanding packet loss and the recovery process

Lab 40: Locating low buffer problems

Lab 41: Zero window condition and the window update process

Lab 42: Creating IO graphs

Lab 43: IP fragmentation packet analysis

Lab 44: Out-of-order segments and duplicate acknowledgement filtering

Lab 45: Retransmissions, fast retransmissions and spurious retransmissions

Lab 46: Filtering HTTP and DNS errors

Lab 47: Extracting and saving a single subnet's conversations

Lab 48: Filtering on HTTP server status codes

Lab 49: Changing dissector behaviour: measuring HTTP response time

Lab 50: Exporting an HTTP object: reconstructing browsed images

and many more practical labs.
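As an added example that is not part of the course material or of the pcap files it supplies: the Python script below builds a small, constructed pcap with the standard library (the MAC addresses, IP addresses, ports and timestamps are made up) and then applies, in plain Python, the same logic as three display filters used in the labs above (the low TTL lab, the TCP flag lab and the frame.time_delta lab), so the result can be compared with what Wireshark shows after the file is opened there.

```python
"""Constructed pcap plus three re-implemented Wireshark display filters.

Filters mirrored (paste them into Wireshark after opening lab_sample.pcap):
    ip.ttl < 5                                 low TTL packets
    tcp.flags.syn == 1 && tcp.flags.ack == 0   initial SYNs (TCP flag filtering)
    frame.time_delta > 1                       gap from the previous captured frame
All traffic below is fabricated; addresses, ports and timestamps are assumptions.
"""
import struct
import socket

TCP_FIN, TCP_SYN, TCP_RST, TCP_PSH, TCP_ACK = 0x01, 0x02, 0x04, 0x08, 0x10


def ones_complement_checksum(data: bytes) -> int:
    """RFC 1071 checksum as used by the IPv4 and ICMP headers."""
    if len(data) % 2:
        data += b"\x00"
    total = sum(struct.unpack("!%dH" % (len(data) // 2), data))
    while total >> 16:
        total = (total & 0xFFFF) + (total >> 16)
    return (~total) & 0xFFFF


def build_frame(src, dst, proto, ttl, payload):
    """Ethernet II + IPv4 header (checksum filled in) in front of payload."""
    eth = bytes.fromhex("001122334455" "66778899aabb" "0800")  # made-up MACs, EtherType IPv4
    hdr = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 20 + len(payload), 0x1234,
                      0x4000, ttl, proto, 0,
                      socket.inet_aton(src), socket.inet_aton(dst))
    hdr = hdr[:10] + struct.pack("!H", ones_complement_checksum(hdr)) + hdr[12:]
    return eth + hdr + payload


def build_tcp(sport, dport, flags, seq=1, ack=0):
    """Minimal 20-byte TCP header; the TCP checksum is deliberately left at zero."""
    return struct.pack("!HHIIHHHH", sport, dport, seq, ack,
                       (5 << 12) | flags, 65535, 0, 0)


def build_icmp_echo(ident=1, seq=1, payload=b"abcdefgh"):
    """ICMP echo request with a valid checksum."""
    body = struct.pack("!BBHHH", 8, 0, 0, ident, seq) + payload
    return body[:2] + struct.pack("!H", ones_complement_checksum(body)) + body[4:]


# (timestamp in seconds, frame bytes); frame 5 arrives 1.51 s after frame 4
FRAMES = [
    (0.000, build_frame("10.0.0.10", "10.0.0.1", 1, 1, build_icmp_echo())),   # TTL 1, traceroute style
    (0.010, build_frame("10.0.0.10", "10.0.0.1", 1, 64, build_icmp_echo())),
    (0.020, build_frame("10.0.0.10", "198.51.100.7", 6, 64, build_tcp(40000, 80, TCP_SYN))),
    (0.030, build_frame("198.51.100.7", "10.0.0.10", 6, 55, build_tcp(80, 40000, TCP_SYN | TCP_ACK, 100, 2))),
    (1.540, build_frame("10.0.0.10", "198.51.100.7", 6, 64, build_tcp(40000, 80, TCP_ACK, 2, 101))),
]


def pcap_bytes(frames):
    """Classic libpcap file: 24-byte global header, link type 1 (Ethernet)."""
    out = [struct.pack("<IHHiIII", 0xA1B2C3D4, 2, 4, 0, 0, 65535, 1)]
    for ts, data in frames:
        sec = int(ts)
        usec = int(round((ts - sec) * 1_000_000))
        out.append(struct.pack("<IIII", sec, usec, len(data), len(data)) + data)
    return b"".join(out)


def write_pcap(path, frames):
    with open(path, "wb") as f:
        f.write(pcap_bytes(frames))


def parse(frame):
    """Return (ttl, protocol, tcp_flags or None) from an Ethernet/IPv4 frame."""
    ip = frame[14:34]
    ttl, proto = ip[8], ip[9]
    ihl = (ip[0] & 0x0F) * 4
    flags = None
    if proto == 6:
        tcp = frame[14 + ihl:14 + ihl + 20]
        flags = struct.unpack("!H", tcp[12:14])[0] & 0x1FF
    return ttl, proto, flags


def low_ttl(frames, threshold=5):
    """Equivalent of  ip.ttl < 5  -> 1-based frame numbers."""
    return [i for i, (_, fr) in enumerate(frames, 1) if parse(fr)[0] < threshold]


def initial_syns(frames):
    """Equivalent of  tcp.flags.syn == 1 && tcp.flags.ack == 0."""
    out = []
    for i, (_, fr) in enumerate(frames, 1):
        _, proto, flags = parse(fr)
        if proto == 6 and flags & TCP_SYN and not flags & TCP_ACK:
            out.append(i)
    return out


def large_gaps(frames, seconds=1.0):
    """Equivalent of  frame.time_delta > 1  (delta from the previous captured frame)."""
    return [i + 1 for i in range(1, len(frames)) if frames[i][0] - frames[i - 1][0] > seconds]


if __name__ == "__main__":
    write_pcap("lab_sample.pcap", FRAMES)
    print("ip.ttl < 5 ->", low_ttl(FRAMES))                # [1]
    print("SYN without ACK ->", initial_syns(FRAMES))      # [3]
    print("frame.time_delta > 1 ->", large_gaps(FRAMES))   # [5]
```

Run the script, open lab_sample.pcap in Wireshark and paste each filter into the display filter bar; the frame numbers should match the printed lists. The same check from the command line is `tshark -r lab_sample.pcap -Y "ip.ttl < 5"`. The TCP checksum is left at zero on purpose, so Wireshark will flag it only if TCP checksum validation is switched on in the preferences.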

Videos for you

Introduction to Wireshark

Navigating the menus

The configuration preferences

ARP protocol

ICMP protocol

Low TTL values