Packet Analysis Power Workshop (PAPW)

Detailed Course Outline

Functions and basic operation of Wireshark Analyzer
  • Introduction and operation of the Analyzer
  • Live capture and live capture settings
  • Display options and analysis possibilities
  • Working with capture filters and display filters
  • File Input and Output
Advanced functions of Wireshark
  • Settings and user profiles
  • Name resolution
  • Reconstruction of user data - protocol reassembly
  • Packet coloring
Methods and techniques for analysis and troubleshooting
  • What is packet analysis?
  • Steps and techniques of traffic analysis
  • Ethernet switch analysis
  • Recording of wireless network traffic
  • Determining delay and response times
  • Measuring and determining throughput and overhead
  • Statistics and baselining
  • Baselining of applications on the network
  • Wireshark statistics
  • Network problems vs. application problems
  • Typical network problems
  • Application types and typical application problems
  • "Is it the network or the application?" - Isolation of error situations
  • Analysis and reconstruction of voice traffic
Switched Ethernet Analysis
  • Ethernet Analysis
  • VLANs and VLAN tagging
TCP/IP analysis of the network layer
  • IP Addressing
  • Typical IP network problems
  • IP options
  • ICMP, ARP and DHCP
TCP/IP Analysis of the Transport Layer
  • TCP Functions
  • Session Setup, Data Transfer and Session Teardown
  • Window mechanism and window optimization
  • TCP options (SACK, Window Scaling) and TCP timers
  • TCP graphs
  • UDP functions
Analysis of TCP/IP with Wireshark
  • Wireshark settings for advanced TCP/IP analysis
  • Typical problems with TCP/IP
  • Wireshark Expert info messages and their meaning
TCP/IP applications
  • HTTP
  • FTP
  • DNS
  • TLS