Advanced Network Troubleshooting Using Wireshark Training Course

Primary tabs

Course Language

This course is delivered in English.

Course Code

nettbswsadv

Duration Duration

21 hours (usually 3 days including breaks)

Requirements Requirements

In-depth knowledge of the TCP/IP protocol stack, along with participating in the “Basic Network Troubleshooting using Wireshark” course or equivalent knowledge. The participants should bring their laptops with Wireshark software (free download from the site - www.wireshark.org)

Overview Overview

This course is a continuation of the "Basic Network Troubleshooting Using Wireshark" course, and comes to provide the participants with advanced capabilities for network troubleshooting. The course provides an in-depth knowledge of network behaviour and problems, along with the capabilities to isolate and solve security and advanced applications problems. The course is based on theory, class exercise and labs.

Course Outline Course Outline

  • Command-Line Tools and How to Use Them
  • TShark and Dumpcap Command-Line Tools
  • Capinfos Command-Line Tool
  • Editcap Command-Line Tool
  • Mergecap Command-Line Tool
  • Text2pcap Command-Line Tool
  • Split and Merge Trace Files
  • Advance usage of Capture and Display Filters
  • Writing advanced Capture filters scripts
  • Writing Advanced Display filters
  • Using triggered filters
  • The Expert System Advance Usage
  • Dealing with congestion - shattered windows and flooding
  • Baseline network communications
  • Unusual network communications
  • Vulnerabilities in the TCP/IP resolution process
  • Lab exercises and case studies
  • Who is talking?
  • Port Scans
  • Mutant Scans
  • IP Scans
  • Application Mapping
  • OS Fingerprinting
  • Lab exercises and case studies
  • VoIP Analysis
  • SIP analysis and troubleshooting
  • RTP, RTCP and media analysis
  • Creating VoIP filters and analysis profiles
  • Lab exercises and case studies
  • Applications Analysis and Troubleshooting
  • HTTP analysis and troubleshooting
  • FTP analysis and troubleshooting
  • DNS operation and troubleshooting
  • Video transmission analysys
  • Databases network-related problems
  • Network Security and Forensics Basics
  • Gather information – what to look for
  • Unusual traffic patterns
  • Complementary tools
  • Detecting Security Suspicious Patterns
  • MAC and IP address spoofing
  • Attacks signatures and signature locations
  • ARP poisoning
  • Header and sequencing signatures
  • Attacks and exploits
  • TCP splicing and unusual traffic
  • DoS and DDoS Attacks
  • Protocol scans
  • maliciously malformed packets
  • Lab exercises and case studies

Guaranteed to run even with a single delegate!
Public Classroom Public Classroom
Participants from multiple organisations. Topics usually cannot be customised
From £3950
(57)
Private Classroom Private Classroom
Participants are from one organisation only. No external participants are allowed. Usually customised to a specific group, course topics are agreed between the client and the trainer.
From £3950
Request quote
Private Remote Private Remote
The instructor and the participants are in two different physical locations and communicate via the Internet
From £2990
Request quote

The more delegates, the greater the savings per delegate. Table reflects price per delegate and is used for illustration purposes only, actual prices may differ.

Number of Delegates Public Classroom Private Classroom Private Remote
1 £3950 £3950 £2990
2 £2485 £2470 £1990
3 £1997 £1977 £1657
4 £1753 £1730 £1490
Cannot find a suitable date? Choose Your Course Date >>
Too expensive? Suggest your price

Related Categories


Course Discounts

Upcoming Courses

VenueCourse DateCourse Price [Remote/Classroom]
Aberdeen - Berry StreetMon, 2016-10-10 09:30£2990 / £4490
OxfordWed, 2016-10-12 09:30£2990 / £4425
Leicester - St. Georges HouseWed, 2016-10-12 09:30£2990 / £4250
Coventry - The QuadrantMon, 2016-10-17 09:30£2990 / £4250
Manchester, King StreetTue, 2016-10-18 09:30£2990 / £4575

Some of our clients