Course Outline
- Command-Line Tools and Their Usage
- TShark and Dumpcap Command-Line Utilities
- Capinfos Command-Line Utility
- Editcap Command-Line Utility
- Mergecap Command-Line Utility
- Text2pcap Command-Line Utility
- Splitting and Merging Trace Files
- Advanced Application of Capture and Display Filters
- Developing Advanced Capture Filter Scripts
- Crafting Advanced Display Filters
- Utilizing Triggered Filters
- Advanced Utilization of the Expert System
- Managing Congestion - Shattered Windows and Flooding
- Establishing Network Communication Baselines
- Identifying Unusual Network Communications
- Vulnerabilities in the TCP/IP Resolution Process
- Laboratory Exercises and Case Studies
- Identifying Communicating Parties
- Port Scans
- Mutant Scans
- IP Scans
- Application Mapping
- OS Fingerprinting
- Laboratory Exercises and Case Studies
- VoIP Analysis
- SIP Analysis and Troubleshooting
- RTP, RTCP, and Media Analysis
- Creating VoIP Filters and Analysis Profiles
- Laboratory Exercises and Case Studies
- Application Analysis and Troubleshooting
- HTTP Analysis and Troubleshooting
- FTP Analysis and Troubleshooting
- DNS Operation and Troubleshooting
- Video Transmission Analysis
- Database Network-Related Problems
- Network Security and Forensics Fundamentals
- Gathering Information – Key Indicators to Look For
- Unusual Traffic Patterns
- Complementary Tools
- Detecting Suspicious Security Patterns
- MAC and IP Address Spoofing
- Attack Signatures and Signature Locations
- ARP Poisoning
- Header and Sequencing Signatures
- Attacks and Exploits
- TCP Splicing and Unusual Traffic
- DoS and DDoS Attacks
- Protocol Scans
- Maliciously Malformed Packets
- Laboratory Exercises and Case Studies
Requirements
A comprehensive understanding of the TCP/IP protocol stack is required, along with completion of the “Basic Network Troubleshooting using Wireshark” course or equivalent experience. Participants must bring their own laptops equipped with Wireshark software (available for free download at www.wireshark.org).
Testimonials (5)
Many exercises, good knowladge
Piotr Kucharski
Course - Advanced Network Troubleshooting Using Wireshark
interesting practical cases
Robert
Course - Advanced Network Troubleshooting Using Wireshark
First of all it was very interesting practically for all topics covered by this training. Well balanced with theory, practise labs and breaks. Some of tips and tricks I have introduced to my work yet.
Dawid Wozny - ATOS PGS sp. z o.o.
Course - Advanced Network Troubleshooting Using Wireshark
That the Wojciech Wójcik knowledge is really huge.
Kornel - ATOS PGS sp. z o.o.
Course - Advanced Network Troubleshooting Using Wireshark
trainer listen to participants
