Advanced Packet Analysis with Wireshark Analyzer
Course
In London
Description
-
Type
Course
-
Location
London
Delegates will acquire knowledge and experience about detailed analysis and troubleshooting of typical network protocols and applications with specific focus on switched Ethernet, TCP/IP networks and TCP/IP based applications.
Facilities
Location
Start date
Start date
Reviews
Subjects
- IT
Course programme
- Capturing network traffic
- Promiscuous Mode
- Full Duplex vs. Half Duplex
- Capture Speeds
- How to capture FDX
- Efficient Capture Techniques
- Data Collection - Hub/Mini Switch/SPAN Port
- SPAN with VLANs
- Remote SPAN
- Capturing Data - Duplicate Frames
- Data Collection - Taps / Splitters
- Additional Capture Options
- Network Capture Misdemeanors
- Capturing Wireless Networks
- Planning the Capture Operation (WLAN or cabled LAN)
- Planning the Capture Operation
- Verify the Installation
- Ethernet Overview
- IEEE Standards
- Ethernet structure
- Ethernet
- Duplex and speed in switched networks
- Autonegotiation
- Ethernet Spanning Tree Protocol
- Bridge Protocol Data Unit
- Spanning Tree Principles
- Spanning Tree Issues
- Rapid Spanning Tree
- Spanning Tree Analysis in Practice
- Ethernet
- Virtual LANs
- 802.1Q and 802.1
- VLAN Tags in Wireshark
- Filtering VLAN ID
- Capturing Tagged Frames
- IP Header
- IP Characteristics
- IP Addressing
- IP Routing
- ICMP Header structure
- ICMP Codes and Types
- ICMP Echo Request & Reply
- Address Mask Request and Reply
- Time Stamp Request and Reply
- ICMP error messages
- ICMP header structure
- Fragmentation
- Symptoms of incorrect MTU
- ICMP and Routing Issues
- Routing Loops and TTL Exceeded
- ICMP Redirect
- ICMP Redirect header structure
- ICMPs in a working net
- How ARP works
- ARP in a Trace File
- ARP in a Routed Network
- How different Network Devices handle ARP
- Gratuitous ARP
- Locating problems with ARP
- ARP Step by Step
- Proxy ARP
- DHCP Functions
- BOOTP
- DHCP Filter in Wireshark
- DHCP Standard Operation: DORA
- DHCP Options
- DHCP Inform
- DHCP Relay
- APIPA: when DHCP fails
- Introduction to TCP
- TCP as Transport Protocol
- TCP's use of IP as Network Protocol
- TCP Header Layout
- Classic TCP Flags
- New TCP Flags
- TCP Ports and Sockets
- Connection Setup
- Connection Shutdown
- Sequence Numbers and Acknowledgements
- Sliding Windows
- Nagle Algorithm
- TCP Efficiency with short messages
- Introduction to UDP
- UDP as a Transport Protocol
- UDP Header
- Short message transmission using UDP
- Network Naming Systems: DNS & WINS
- DNS domain structure
- DNS as application protocol
- Recursive Search
- Authoritative Responses
- Cached Responses
- Risks of recursive Searching
- Cache Poisoning
- Important DNS record types
- DNS compression
- Interpreting Hostname flags
- Interpreting the pointer
- DNS Return Codes
- Server Failure
- Nonexistent Domain
- Action Refused
- FTP model
- Active and Passive FTP
- Transfer Modes
- FTP access commands
- Authentication
- FTP file transfer commands
- Other FTP commands
- LIST Operation in Tracefile
- FTP Status Codes
- FTP errors in Wireshark
- FTP problems
- Additional FTP issues
- 2-1 Spanning Tree
- 4-1 ICMP
- 5-1 ARP
- 6-1 DHCP
- 7-1 TCP Handshake
- 7-2 TCP Window Size
- 7-3 TCP Retransmission
- 7-4 Nagle Algorithm (Optional)
- 9-1 DNS
- 10-1 FTP
Advanced Packet Analysis with Wireshark Analyzer