Packet Analysis Power Workshop (PAPW)

Detailed Course Outline

Functions and basic operation of Wireshark Analyzer

• Introduction and operation of the Analyzer
• Live capture and live capture settings
• Display options and analysis possibilities
• Working with Capture Filter and Display Filter
• File Input and Output

Advanced functions of Wireshark

• Settings and user profiles
• Name resolution
• Reconstruction of user data - Reassembly of the protocol
• Packet coloring

Methods and techniques for analysis and troubleshooting

• What is packet analysis?
• Steps and techniques of traffic analysis
• Ethernet switch analysis
• Recording of wireless network traffic
• Determining delay and response times
• Measure and determine throughput and overhead
• Statistics and baselining
• Baselining of applications on the network
• Wireshark statistics
• Network problems vs. application problems
• Typical network problems
• Application types and typical application problems
• "Is it the network or the application?" - Isolation of error situations
• Analysis and reconstruction of voice traffic

Switched Ethernet Analysis

• Ethernet Analysis
• VLANs and VLAN tagging

TCP/IP analysis of the network layer

• IP Addressing
• Typical IP network problems
• IP options
• ICMP, ARP and DHCP

TCP/IP Analysis of the Transport Layer

• TCP Functions
• Session Setup, Data Transfer and Session Teardown
• Window mechanism and window optimization
• TCP options (SACK, Window Scaling) and TCP timer
• TCP graphs
• UDP functions

Analysis of TCP/IP with Wireshark

• Wireshark settings for advanced TCP/IP analysis
• Typical problems with TCP/IP
• Wireshark Expert info messages and their meaning

TCP/IP applications

• HTTP
• FTP
• DNS
• TLS