Module 1: Wireshark Fundamentals
Introduction to Wireshark
When to use Wireshark
Where to physically connect
Wireshark Graphical User Interface
Capturing network traffic
Labs:
Install Wireshark
Explore Wireshark installation
Capture and save network traffic
Understanding the packet details pane
Module 2: Viewing network protocols with Wireshark
Capture filters
Display filters
Preferences
Time stamps
Mark and ignore packets
Import and export packet captures
Labs:
Capture filters
Display filters
Module 3: Analyzing tools and troubleshooting techniques
Troubleshooting methodology
Configuration profiles
Preferences
Creating coloring rules
Establishing a baseline
Leveraging Wireshark statistical reports and graphs
Labs:
Custom profile
Coloring rules
Traffic baselines
Module 4: Analyzing and troubleshooting Layer 2 protocols
Ethernet frames
MAC addresses
ARP request/response procedure
STP
BPDU format
Bridge selection
Port states
VLANs
802.1Q frame encapsulation
Labs:
Ethernet
ARP
STP
802.1Q
Module 5: Analyzing and troubleshooting wireless protocols
How to sniff wireless networks
802.11 WLAN traffic
Radiotap information
Beacons and network capabilities
Bluetooth 4.0 traffic
Sensor networks
802.15.4
ZigBee and ZigBee Pro
Labs:
RadioTap
IEEE 802.11
Bluetooth (OPTIONAL)
802.15.4 and ZigBee (OPTIONAL)
Module 6: Analyze and troubleshoot IP
IPv4 header
IPv4 address
IP packet fragmentation
ICMP messaging
RPL and 6LoWPAN to support the IoT
Labs:
IP
ICMP
RPL / 6LoWPAN (OPTIONAL)
Module 7: Analyze and troubleshoot TCP
Establishing a TCP connection
TCP header
Port numbers and sockets
Selective acknowledgements
Sliding window
Contention and advertised receiving windows
Congestion control
Labs:
TCP 3-Way Handshake
TCP fields
TCP traffic
Module 8: Analyze and troubleshoot UDP, and higher level protocols
Compare and contrast TCP and UDP
UDP header
DHCP communications
DNS process
HTTP/HTTPS
Labs:
UDP, DNS and DHCP (OPTIONAL)
HTTP (OPTIONAL)
Module 9: Course wrap up and best practices
Checklists
Managing trace files
Course wrap up
Labs:
Analyze a real-life capture
I/O graph