Description
In this course, you will:
- Learn about protocol field values and what is considered normal behaviour, using precaptured packets from online repositories.
- Work through Wireshark's numerous features.
- Compare legacy and next-generation Wireshark versions, see how to install the tool on a PC and a Mac, and explore the Wireshark interface.
- Delve into detailed packet analysis of common protocols like TCP, IP, DHCP, and DNS.
Syllabus:
1. Traffic Capture Overview
- Benefits of traffic analysis
- Legacy versus Wireshark NG
- Download and install on a PC or Mac
2. Getting Started with Wireshark
- Explore the Wireshark interface
- Getting help
- Tap into the data stream
- Using display and capture filters
- The OSI model
- Frame formation
3. Examining the Internet Suite
- Understanding the TCP/IP suite
- TCP
- TCP handshake and teardown
- UDP
- IPv4
- IPv6
- ICMP
- ICMPv6
4. Deep Packet Analysis of Common Protocols
- DNS
- DHCP
- FTP
- HTTP
- ARP
5. Working with Packet Captures
- The Wireshark expert system
- Network latency issues
- Subset, save, and export
- Using CloudShark