Introduction to Troubleshooting TCP/IP Networks with Wireshark

Similar documents
NETWORK PACKET ANALYSIS PROGRAM

Part 1: Training Project Information (Required for Formal Quotes) Online Live On-Demand (All Access Pass Subscriptions) Other

Brief Contents. Acknowledgments... xv. Introduction...xvii. Chapter 1: Packet Analysis and Network Basics Chapter 2: Tapping into the Wire...

Wireshark 101 Essential Skills for Network Analysis 2 nd Edition

Network Traffic Analysis - Course Outline

CONTENTS IN DETAIL ACKNOWLEDGMENTS INTRODUCTION 1 PACKET ANALYSIS AND NETWORK BASICS 1 2 TAPPING INTO THE WIRE 17 3 INTRODUCTION TO WIRESHARK 35

Advanced Network Troubleshooting Using Wireshark (Hands-on)

Wireshark 101 Course Set

About this Troubleshooting Checklist

Wireshark 101 Essential Skills for Network Analysis 1 st Edition

Introduction to OSI model and Network Analyzer :- Introduction to Wireshark

Course List. December 2010

DKT 224/3 LAB 2 NETWORK PROTOCOL ANALYZER DATA COMMUNICATION & NETWORK SNIFFING AND IDENTIFY PROTOCOL USED IN LIVE NETWORK

E&CE 358: Tutorial 1. Instructor: Sherman (Xuemin) Shen TA: Miao Wang

Data Communications and Networks Spring Syllabus and Reading Assignments

CCRI Networking Technology I CSCO-1850 Spring 2014

TCP/IP Networking. Training Details. About Training. About Training. What You'll Learn. Training Time : 9 Hours. Capacity : 12

Table of Contents. Contents iii

Objectives: (1) To learn to capture and analyze packets using wireshark. (2) To learn how protocols and layering are represented in packets.

Troubleshooting Voice Over IP with WireShark

This course prepares candidates for the CompTIA Network+ examination (2018 Objectives) N

Hands-On Troubleshooting IPTV with WireShark

Hands-On TCP/IP Networking

Configuring Windows 8 Course 20687A - Five days - Instructor-led - Hands-on

SC/CSE 3213 Winter Sebastian Magierowski York University CSE 3213, W13 L8: TCP/IP. Outline. Forwarding over network and data link layers

A common issue that affects the QoS of packetized audio is jitter. Voice data requires a constant packet interarrival rate at receivers to convert

CCNA 1 Chapter 7 v5.0 Exam Answers 2013

SYLLABUS. Departmental Syllabus. Applied Networking I. Departmental Syllabus. Departmental Syllabus. Departmental Syllabus. Departmental Syllabus

Chapter 12 Network Protocols

Lab - Using Wireshark to Examine a UDP DNS Capture

OSI Layer OSI Name Units Implementation Description 7 Application Data PCs Network services such as file, print,

The Transmission Control Protocol (TCP)

Lab - Using Wireshark to Examine a UDP DNS Capture

Lab Exercise Protocol Layers

Lab Exercise UDP. Objective. Requirements. Step 1: Capture a Trace

Part VI. Appendixes. Appendix A OSI Model and Internet Protocols Appendix B About the CD

Chapter 2 - Part 1. The TCP/IP Protocol: The Language of the Internet

Just enough TCP/IP. Protocol Overview. Connection Types in TCP/IP. Control Mechanisms. Borrowed from my ITS475/575 class the ITL

Defining Networks with the OSI Model. Module 2

Network Troubleshooting with Wireshark Sample 2-Day Course Outline

Hands-On IP for TeleCom Technicians Internetworking, TCP/IP, VLANS, Wirelss and more...

Network Analyzer :- Introduction to Wireshark

So What is WireShark?

OSI Transport Layer. Network Fundamentals Chapter 4. Version Cisco Systems, Inc. All rights reserved. Cisco Public 1

TCP/IP Overview. Basic Networking Concepts. 09/14/11 Basic TCP/IP Networking 1

Chapter 09 Network Protocols

Fundamentals of Windows Server 2008 Network and Applications Infrastructure

ETSF10 Internet Protocols Transport Layer Protocols

Chapter 4. TCP / UDP Transport Protocol Overview

Testing the Network. from Cables to Packets to Applications. Harshang Pandya Psiber Data Pte. Ltd.

Lab Exercise UDP & TCP

Lab 1: Packet Sniffing and Wireshark

Computer Forensics: Investigating Network Intrusions and Cybercrime, 2nd Edition. Chapter 2 Investigating Network Traffic

Introduction to Computer Networks. CS 166: Introduction to Computer Systems Security

To see the details of TCP (Transmission Control Protocol). TCP is the main transport layer protocol used in the Internet.

EECS 3214 Final Exam Winter 2017 April 19, 2017 Instructor: S. Datta. 3. You have 180 minutes to complete the exam. Use your time judiciously.

CCNA R&S: Introduction to Networks. Chapter 7: The Transport Layer

CompTIA Network+ Study Guide Table of Contents

Chapter 3: Network Protocols and Communications

UDP, TCP, IP multicast

Advanced Network Design

Study Abroad Programme

Lab - Using Wireshark to Examine TCP and UDP Captures

Layer 4: UDP, TCP, and others. based on Chapter 9 of CompTIA Network+ Exam Guide, 4th ed., Mike Meyers

Fundamental Questions to Answer About Computer Networking, Jan 2009 Prof. Ying-Dar Lin,

Da t e: August 2 0 th a t 9: :00 SOLUTIONS

User Datagram Protocol

CCNA Boot Camp. Course Description

EMT2455 Data Communications 4. Network Layer. Dr. Xiaohai Li. Dept. of Computer Eng. Tech., NYCCT. Last Update: Nov.

Configure Transmission Control Protocol (TCP) and User Datagram Protocol (UDP) Service Settings on a Switch

Wireshark Tutorial. Chris Neasbitt UGA Dept. of Computer Science

Understanding Networking Fundamentals

Networks Fall This exam consists of 10 problems on the following 13 pages.

Transport Layer Protocols TCP

Assignment - 1 Chap. 1 Wired LAN s

Applied Networks & Security

BIG-IP Analytics: Implementations. Version 12.1

BIG-IP Analytics: Implementations. Version 13.1

521262S Computer Networks 2 (fall 2007) Laboratory exercise #4: Multimedia, QoS and testing

Network Programming. Introduction to Sockets. Dr. Thaier Hayajneh. Process Layer. Network Layer. Berkeley API

Example questions for the Final Exam, part A

PLEASE READ CAREFULLY BEFORE YOU START

Lab Using Wireshark to Examine Ethernet Frames

Introduction to Networking

OHLONE COLLEGE Ohlone Community College District OFFICIAL COURSE OUTLINE

BSc Year 2 Data Communications Lab - Using Wireshark to View Network Traffic. Topology. Objectives. Background / Scenario

ICS 351: Networking Protocols

Concept Questions Demonstrate your knowledge of these concepts by answering the following questions in the space provided.

School of Engineering Department of Computer and Communication Engineering Semester: Fall Course: CENG415 Communication Networks

Introduction to Wireshark

TSIN02 - Internetworking

Overview. Audience Profile. At Course Completion. Module Title : 10982B: Supporting and Troubleshooting Windows 10. Course Outline :: 10982B::

Concept Questions Demonstrate your knowledge of these concepts by answering the following questions in the space that is provided.

Week 2 / Paper 1. The Design Philosophy of the DARPA Internet Protocols

Supporting and Troubleshooting Windows 10

5105: BHARATHIDASAN ENGINEERING COLLEGE NATTARMPALLI UNIT I FUNDAMENTALS AND LINK LAYER PART A

TSIN02 - Internetworking

Computer Networks and Data Systems

Communicating over the Network

Transcription:

Introduction to Troubleshooting TCP/IP Networks with Wireshark Course WIRE-1B 5 Days Instructor-led, Hands-on Introduction In this hands-on, instructor-led, five-day course, you will receive in-depth training on Wireshark and TCP/IP communications analysis. You will learn to use Wireshark to identify the most common causes of performance problems in TCP/IP communications. You will develop a thorough understanding of how to use Wireshark efficiently to spot the primary sources of network performance problems. At Course Completion After completing this course, students will learn: Top 10 reasons for network performance complaints Place the analyzer properly for traffic capture on a variety of network types Capture packets on wired and wireless networks Configure Wireshark for best performance and non-intrusive analysis Navigate through, split and work with large traffic files Use time values to identify network performance problems Create statistical charts and graphs to pinpoint performance issues Filter out traffic for more efficient troubleshooting and analysis Customize Wireshark coloring to focus on network problems faster Use Wireshark s Expert System to understand various traffic problems Use the TCP/IP Resolution Flowchart to identify possible communication faults Analyze normal/abnormal Domain Name System (DNS) traffic Analyze normal/abnormal Address Resolution Protocol (ARP) traffic Analyze normal/abnormal Internet Protocol v4 (IPv4) traffic Analyze normal/abnormal Internet Control Messaging Protocol (ICMP) traffic Analyze normal/abnormal User Datagram Protocol (UDP) traffic Analyze normal/abnormal Transmission Control Protocol (TCP) traffic Analyze normal/abnormal Hypertext Transport Protocol (HTTP/HTTPS) traffic Prerequisites Before attending this course, students must have attended: CompTIA Network+ Course Materials The student kit includes a comprehensive workbook and other required materials for this class.

Course Outline Module 1: Introduction to Network Analysis and Wireshark TCP/IP Analysis Checklist Top Causes of Performance Problems Get the Latest Version of Wireshark Capturing Traffic Opening Trace Files Processing Packets GTK Interface The Icon Toolbar Mastering the Intelligent Scrollbar The Changing Status Bar Right-Click Functionality General Analyst Resources Your First Task When You Leave Class Module 2: Learn Capture Methods and Use Capture Filters Analyze Switched Networks Walk-Through a Sample SPAN Configuration Analyze Full-Duplex Links with a Network TAP Analyze Wireless Networks USB Capture Initial Analyzing Placement Remote Capture Techniques Available Capture Interfaces Save Directly to Disk Capture File Configurations Limit Your Capture with Capture Filters Examine Key Capture Filters Module 3: Customize for Efficiency: Configure Your Global Preferences First Step: Create a Troubleshooting Profile Customize the User Interface Add Custom Columns for the Packet List Pane Set Your Global Capture Preferences Define Name Resolution Preferences Configure Individual Protocol Preferences Module 4: Navigate Quickly and Focus Faster with Coloring Techniques Move Around Quickly: Navigation Techniques Find a Packet Based on Various Characteristics Build Permanent Coloring Rules Identify a Coloring Source Apply Temporary Coloring Mark Packets of Interest

Module 5: Spot Network and Application Issues with Time Values and Summaries Examine the Delta Time (End-of-Packet to End-of-Packet) Set a Time Reference Compare Timestamp Values Compare Timestamps of Filtered Traffic Enable and Use TCP Conversation Timestamps Compare TCP Conversation Timestamp Values Troubleshooting Example Using Time Analyze Delay Types Module 6: Create and Interpret Basic Trace File Statistics Examine Trace File Summary Information View Active Protocols Graph Throughput to Spot Performance Problems Quickly Locate the Most Active Conversations and Endpoints Other Conversation Options Graph the Traffic Flows for a More Complete View Bust Statistics Numerous Other Statistics are Available Quick Overview of VoIP Traffic Analysis Tools SIP and RTP Analysis Overview SIP Call Setup Analyzing Call Setup with SIP Session Bandwidth and RTP Port Definition Module 7: Focus on Traffic Using Display Filters Display Filters Filter on Conversations/Endpoints Build Filters Based on Packets Display Filter Syntax Use Comparison Operators and Advanced Filters Filter on Text Strings Build Filters Based on Expressions Watch for Common Display Filter Mistakes Share Your Display Filters Module 8: TCP/IP Communications and Resolutions Overview TCP/IP Functionality When Everything Goes Right The Multi-Step Resolution Process Resolution Helped Build the Packet Where Faults Can Occur Typical Causes of Slow Performance

Module 9: Analyze DNS Traffic DNS Overview DNS Packet Structure DNS Queries Filter on DNS Traffic Analyze Normal/Problem DNS Traffic Module 10: Analyze ARP Traffic ARP Overview ARP Packet Structure Filter on ARP Traffic Analyze Normal/Problem ARP Traffic Module 11: Analyze Ipv4 Traffic IP4 Overview Ipv4 Packet Structure Analyze Broadcast/Multicast Traffic Filter o Ipv4 Traffic IP Protocol Preferences Analyze Normal/Problem IP Traffic Module 12: Analyze ICMP Traffic ICMP Overview ICMP Packet Structure Filter on ICMP Traffic Analyze Normal/Problem ICMP Traffic Module 13: Analyze UDP Traffic UDP Overview Watch for Service Refusals UDP Packet Structure Filter on UDP Traffic Follow UDP Streams to Reassemble Data Analyze Normal/Problem UDP Traffic Module 14: Analyze TCP Protocol TCP Overview Watch for Service Refusals UDP Packet Structure Filter on UDP Traffic Follow UDP Streams to Reassemble Data Analyze Normal/Problem UDP Traffic Module 14: Analyze TCP Protocol

TCP Overview The TCP Connection Process TCP Handshake Problem Watch Service Refusals TCP Packet Structure The TCP Sequencing/Acknowledgement Process Packet Loss Detection in Wireshark Fast Recovery/Fast Retransmission Detection in Wireshark Retransmission Detection in Wireshark Out-of-Order Segment Detection in Wireshark Selective Acknowledgment (SACK) Window Scaling Window Size Issue: Receive Buffer Problem Window Size Issue: Unequal Window Size Beliefs TCP Sliding Window Overview Troubleshoot TCP Quickly with Expert Info Filter on TCP Traffic and TCP Problems Properly Set TCP Preferences Follow TCP Streams to Reassemble Data 16: Examine Advanced Trace File Statistics Build Advanced IO Graphs Graph Round Trip Times Graph TCP Throughput Find Problems Using TCP Time-Sequence Graphs Module 15: Graph Traffic Characteristics Advanced I/O Graphing Graph Round Trip Times Graph TCP Throughput Find Problems Using TCP Time Sequence Graphs Module 16: Analyze HTTP Traffic HTTP Overview HTTP Packet Structure Filter on HTTP Traffic Reassembling HTTP Objects HTTP Statistics HTTP Response Time Overview of HTTP/2 HTTP/2 Analysis Fundamentals HTTP/2 Frame Format Analyze Normal/Problem HTTP Traffic Module 17: Analyze TLS-Encrypted Traffic (HTTPS) Analyze HTTPS Traffic Encrypted Alerts Decryption Steps Filter on SSL Module 18: Review Your Key Troubleshooting Steps

Baseline Normal Traffic Use Color Look Who s Talking: Examine conversations and Endpoints Focus by Filtering Create Basic IO Graphs Examine Delta Time Values Examine the Expert System Follow the Streams Graph Bandwidth Use: Round Trip Time, and TCP Time/Sequence Information Watch Refusals and Redirections Labs Lab 1: Capture Traffic to/from Your Hardware Address Lab 2: Create Your Troubleshooting Profile Lab 3: Set Basic Preferences for Your Troubleshooting Profile Lab 4: Find, Mark, Save, and Colorize Packets Lab 5: Detect and Colorize High Latency Indications Lab 6: Find the Top Talkers and Protocols/Applications on a Network Lab 7: Create and Use an IO Graph to Spot Performance Issues Lab 8: Locate a Text String in a Trace File Lab 9: Create a Coloring Rule to Detect DNS Error Responses and Suspicious DNS Responses Lab 8: Locate a Text String in a Trace File Lab 9: Use Tshark to Capture Traffic to/from Other Hosts on the Network Lab 10: Analyze a Network Problem Indicated by ARP Lab 11: Filter on a Range of IPv4 Addresses Lab 12: Detect Suspicious Traffic with a New ICMP Coloring Rule Lab 13: Analyze UDP-Based Multicast Streams and Queuing Delays Lab 14: Use an IO Graph to Locate TCP Performance Issues Lab 15: Determine Whoh is at Fault and Work with Multiple Trace Files Lab 16: Determine the Cause of Slow File Downloads Lab 17: Use TCP Graphs to Detect the Cause of Performance Problems Lab 18: Create a Filter Expression Button to Detect HTTP Error Responses Lab 19: Export an HTTP Object Lab 20: Decrypt HTTPS Communications

2024 © technodocbox.com Privacy Policy | Terms of Service | Feedback