Wireshark is the world’s foremost and most widely used network protocol analyzer. Analyzing a network and troubleshooting its data packets are always daunting tasks, but Wireshark comes to the rescue in such situations. Because Wireshark is widely used for commercial, non-profit, and educational purposes, and in various other places, it is crucial for IT people to know Wireshark’s capabilities intimately: to get insight at the 1’s and 0’s level in a network and know what’s happening in order to analyze, troubleshoot, monitor, and sometimes capture sensitive credentials passing through the wires.
Course release: January 28th 2018
Course duration: 18 hours (18 CPE points)
Course is self-paced and pre-recorded
What will you learn?
- Working knowledge of Wireshark
- Usage of Wireshark
- Capabilities of Wireshark
- Knowledge of the various IO functions used
- Identify network, protocol, application issues
- Packet filtering in a large network
- Analysis of data packets for application protocol, network protocol
- IPv4 and IPv6 analysis
What skills will you gain?
- Network analysis
- Protocol analysis
- Live and offline data packet analysis
- Network troubleshooting using Wireshark
- Live network monitoring using Wireshark
- Traffic capture with various options
- Filtering traffic using your own rules
- Troubleshooting the network issues
- Detecting unauthorized scanning
- Traffic baselining
What will students need (course requirements)?
- Kali Linux or Windows
- Wireshark (installed by default in Kali)
- Working network connection
What should you know before you join?
- Basics of TCP/IP and OSI model
- Basics of protocols and networking
- 3-way handshake
Atul Tiwari has over 5 years of working experience in the field of “web application penetration testing” with over 10 years in security training. He has trained more than 45k students across 162 countries in online mode. Atul has specialized in web security testing and has conducted hundreds of pentests, audits, and tests of web applications since 2013. He holds the CISSP certification along with CEH, cyber laws, and CCNA. He is founder and CTO at gray hat | security (INDIA), www.grayhat.in
Module 1: Getting started with Wireshark
Hands-on usage and details will be covered, from simple startup to customization of profiles for the user. Various protocols will be set in preferences for a detailed focus on analysis and setup.
Module 1 covered topics:
- Preparing the SHARK
- Identifying nine GUI elements
- Creating profiles
- Walk-through of features
- Global and personal preferences
- Tshark, the CLI of Wireshark
- Intro to Pcap
Module 1 exercises:
- Create profiles for multiple preferences
Module 2: Traffic capture and packet filtering
Capturing the traffic of various protocols and filtering it: HTTP, TCP, UDP, DNS, VoIP, ARP, and much more.
Module 2 covered topics:
- Capturing traffic
- Capture filters
- Capture filters vs display filters
- Creating and implementing display filters
- IP and port filtering
- Tapping into network to capture traffic
- Following streams and data
- BPF syntax
- Colorizing traffic
- Saving, exporting, annotating, and printing packets
- Remotely capturing traffic
Module 2 exercises:
- Filter traffic based on IP and port number
- Filter HTTP cookies
- Make capture filter rules
Module 3: Statistics
How to get more out of the captured traffic and its analysis to obtain deeper, more fine-tuned results.
Module 3 covered topics:
- Tracing file statistics
- Saving traces
- Graph IO rates and TCP trends
- Wireshark’s expert system
- Time values and interpretation
Module 3 exercises:
- Collect trace file packets
- Explore time values
Module 4: Advanced analysis of networks
Analyzing different protocols, capturing VoIP communications, and playing them back using an Asterisk server and IP telephony setup. As a network engineer, one can dive into Wireshark’s plugins, create rules for detecting unauthorized scanning of the network and for intrusion detection, and fix various issues as well.
Module 4 covered topics:
- Different protocol analysis
- IPv4 and IPv6 analysis
- Email protocol analysis
- Sniffing clear text protocols
- VoIP analysis and playback
- Traffic baselining
- Intrusion detection using Wireshark
- Finding and fixing an issue in the wire
- Wireshark’s plugins
Module 4 exercises:
- Analyze DNS traffic
- Analyze HTTP communication
- The course is self-paced – you can visit the training whenever you want and your content will be there.
- Initial module release dates: January 28th (Module 1), February 4th (Module 2), February 11th (Module 3), February 18th (Module 4).
- Once you’re in, you keep access forever, even when you finish the course.
- There are no deadlines, except for the ones you set for yourself.
- We designed the course so that a diligent student will need about 18 hours of work to complete the training.
- Your time will be filled with reading, videos, and exercises.