D. H. Cobham Aviation Services
S. M. Cadbury Schweppes
WCNA training course contents
What is Wireshark?
Network analysis, troubleshooting, network traffic flows.
Hands on: Download/install Wireshark.
Capturing packets, libpcap, winpcap, airpcap. Dissectors and plugins. The menus. Right click.
Hands on: Using Wireshark.
Wireshark and switches and routers. Remote traffic capture.
Hands on: Capturing packets.
Applying, identifiers, qualifiers, protocols, addresses, byte values. File sets, ring buffers.
Hands on: Capture filters.
Configuration folders. Global and personal configurations. Capture preferences, name resolution, protocol settings. Colouring traffic. Profiles.
Hands on: Customising Wireshark.
Packet time, timestamps, packet arrival times, delays, traffic rates, packets sizes, overall bytes.
Hands on: Measuring high latency.
Trace file statistics
Protocols and applications, conversations, packet lengths, destinations, protocol usages, strams, flows.
Hands on: Wireshark statistics.
Applying, clearing, expressions, right click, conversations, endpoints, protocols, combining filters, specific bytes, regex filters.
Hands on: Display traffic.
Traffic reassembly, UDP and TCP conversations, SSL.
Hands on: Recreating streams.
Filtered, marked and ranges.
Hands on: Export.
The expert system. DNS, ARP, IPv4, IPv6, ICMP, UDP, TCP.
Hands on: Analysing traffic.
IO rates and trends
Basic graphs, Advanced IO graphs. Round Trip Time, throughput rates.
Hands on: Graphs
DHCP, HTTP, FTP, SMTP.
Hands on: Analysing application traffic.
Signal strength and interference, monitor mode and promiscuous mode. Data, management and control frames.
Hands on: WLAN traffic.
Call flows, Jitter, packet loss. RTP, SIP.
Hands on: Playing back calls.
Baselining. High latency, arrival times, delta times.
Hands on: Identifying poor performance.
Host vs network forensics, unusual traffic patterns, detecting scans and sweeps, suspect traffic.
Hands on: Signatures.
Command line tools
Tshark, capinfos, editcap, mergecap, text2pcap, dumpcap.
Hands on: Command tools.
Why Choose Us
SNT trainers score an average of over 90% on the three main areas of:
- Ability to teach
- Technical knowledge
- Answering questions
We limit our maximum class size to 8 delegates; often we have less than this. This ensures optimal interactivity between delegates and instructor.
"Excellent course. The small class size was a great benefit…" M.B. IBM
We write our own courses; courseware does not just consist of slides and our slides are diagrams not bullet point text. A typical chapter provides clearly defined objectives with a chapter overview, slides with text underneath, a quiz at the end to check the learning of the students. Hands on exercises are at the end and are used to reinforce the theory.