32, Shacham St., POB 7765, Petah Tikva 49170, Israel Tel: (972) 03 924 7780 Fax: (972) 03 924 7783 – www.logtel.com
Wireshark (Ethereal) - How to wisely use Wireshark
Course No. 1218
Duration: 2 Days
Course Overview:
"Wireshark is the world's foremost network protocol analyzer, and is the de facto (and often de jure) standard across many industries and educational institutions" (wireshark.org)
Wireshark is used by network professionals around the world for troubleshooting, analysis, software and protocol development, and education. It has all of the standard features you would expect in a protocol analyzer, and several features not seen in any other product. Its open source license officially allows talented experts in the networking community to add enhancements.
Who should attend?
Professional people in the communication and IT fields, Network Administrators, Engineers, QA &
Testing, Software Developers, Technical support, Field Engineers
Prerequisites:
Basic knowledge of IP Networks
Course Content:
1. Introducing Network Analysis and Sniffers
2. Getting Started and Installing Wireshark
3. Wireshark first impression
   - Guided tour on Wireshark GUI
   - Hands-on using on-line and off-line (trace) files
4. Overview of Networks Technology
   - 2nd Layer - Ethernet + Demonstrate
   - 3rd Layer IP + Demonstrate
   - Transport Layer TCP/UDP + Demonstrate
   - Security Layer intrusion detection, DoS attacks + Demo
5. How to connect the Wireshark to Network Elements
   - Using cable, taps, hubs, switches
   - Port Mirroring
   - Wireless Sniffing
6. Capture Assignments
7. Introduction to the Wireshark (History, UI, Filters)
8. Packet Capture Software Drivers
   - WinPcap (Windows), libpcap (Linux/Unix)
9. Using Wireshark - advanced session
   - Drill down Wireshark features
10. How to use filters
   - Defining Capture Filters
   - Defining Display Filters
   - Wireless Sniffing with Wireshark
11. Packet Captures in Real Network Environment
   - I will discuss a few network analyses, for example TCP port scans: this analysis maps the TCP ports that are open and listening on a target device
12. Wireshark Special Analysis
   - Expert system
   - Predefined analysis and Statistics
13. (Afternoon) - Open LAB
   - Using Wireshark online on local Network
   - Exploring Wireshark Capabilities on real network
   - Class will exercise on pre-captured Network Traces (all kinds of protocols)
   - Class will get a few test cases on real network
     - IP, ICMP, ARP, DNS traffic
     - HTTP Traffic
     - VoIP Sessions (Signaling and media)
14. Summary