Course Outline
- Command-Line Tools and Their Usage
- TShark and Dumpcap Command-Line Tools
- Capinfos Command-Line Tool
- Editcap Command-Line Tool
- Mergecap Command-Line Tool
- Text2pcap Command-Line Tool
- Splitting and Merging Trace Files
- Advanced Usage of Capture and Display Filters
- Writing Advanced Capture Filter Scripts
- Writing Advanced Display Filters
- Utilizing Triggered Filters
- Advanced Usage of the Expert System
- Addressing Congestion - Shattered Windows and Flooding
- Establishing Network Communications Baselines
- Identifying Unusual Network Communications
- Vulnerabilities in the TCP/IP Resolution Process
- Lab Exercises and Case Studies
- Identifying Communicating Parties
- Port Scans
- Mutant Scans
- IP Scans
- Application Mapping
- OS Fingerprinting
- Lab Exercises and Case Studies
- VoIP Analysis
- SIP Analysis and Troubleshooting
- RTP, RTCP, and Media Analysis
- Creating VoIP Filters and Analysis Profiles
- Lab Exercises and Case Studies
- Application Analysis and Troubleshooting
- HTTP Analysis and Troubleshooting
- FTP Analysis and Troubleshooting
- DNS Operation and Troubleshooting
- Video Transmission Analysis
- Database Network-Related Problems
- Network Security and Forensics Basics
- Gathering Information – What to Look For
- Unusual Traffic Patterns
- Complementary Tools
- Detecting Suspicious Security Patterns
- MAC and IP Address Spoofing
- Attack Signatures and Signature Locations
- ARP Poisoning
- Header and Sequencing Signatures
- Attacks and Exploits
- TCP Splicing and Unusual Traffic
- DoS and DDoS Attacks
- Protocol Scans
- Maliciously Malformed Packets
- Lab Exercises and Case Studies
Requirements
Participants must have an in-depth understanding of the TCP/IP protocol stack and have completed the "Basic Network Troubleshooting using Wireshark" course or possess equivalent knowledge. Attendees must bring their laptops with Wireshark software installed (available for free download at www.wireshark.org).
Testimonials (5)
Many exercises, good knowladge
Piotr Kucharski
Course - Advanced Network Troubleshooting Using Wireshark
interesting practical cases
Robert
Course - Advanced Network Troubleshooting Using Wireshark
First of all it was very interesting practically for all topics covered by this training. Well balanced with theory, practise labs and breaks. Some of tips and tricks I have introduced to my work yet.
Dawid Wozny - ATOS PGS sp. z o.o.
Course - Advanced Network Troubleshooting Using Wireshark
That the Wojciech Wójcik knowledge is really huge.
Kornel - ATOS PGS sp. z o.o.
Course - Advanced Network Troubleshooting Using Wireshark
trainer listen to participants
