Learn how to analyze network problems with Wireshark, a free, open-source packet analysis tool that helps identify congestion issues, suspicious activity, and network intrusions.
Syllabus
Introduction
- Analyze network problems
- What you need to know
- Getting the most out of Wireshark
- Navigating the Wireshark interface
- Investigating the Edit Menu choice
- Exploring the View Menu choice
- Getting ready to capture
- Examining a capture
- Challenge: Examining evidence of congestion
- Response: Examining evidence of congestion
- Displaying time
- Viewing Details and Expert Info
- Graphing the TCP Streams
- Challenge: Using time to view gaps in transmission
- Response: Using time to view gaps in transmission
- Viewing conversations and endpoints
- Creating a flow graph
- Plotting an IO graph
- Challenge: Using a Flow Graph
- Response: Using a Flow Graph
- Troubleshooting the Network
- Spotting an ARP Storm
- Identifying bursty traffic
- Protecting from packet sniffing
- Examining Macof attacks
- Challenge: Identify a scanning signature
- Solution: Identify a scanning signature
- What's next?
Taught by
Lisa Bock