+44 (0)1737 821590
Advanced TCP/IP  |    A 5 day   hands on   training course

Advanced TCP/IP training course description

An intensive advanced TCP/IP course focusing on the details of the protocols according to the RFCs. This course is designed to go into the technical details of the protocols and is not for those that are new to TCP/IP. A particular focus is on TCP and performance. Those more interested in routing protocols should see our Definitive IP routing for engineers course. It is expected that delegates are totally familiar with configuration addressing. Hands on sessions consist of protocol analysis using Wireshark.

What will you learn
  • Analyse packets and protocols in detail.
  • Troubleshoot networks using Wireshark.
  • Find performance problems using Wireshark.
  • Perform network forensics.
Advanced TCP/IP training course details

Advanced TCP/IP training course contents

  • What is Wireshark?
  • Network analysis, troubleshooting, network traffic flows.
    Hands on Download/install Wireshark.

  • Wireshark introduction
  • Capturing packets, libpcap, winpcap, airpcap. Dissectors and plugins. The menus. Right click.
    Hands on Using Wireshark.

  • Capturing traffic
  • Wireshark and switches and routers. Remote traffic capture.
    Hands on Capturing packets.

  • Capture filters
  • Applying, identifiers, qualifiers, protocols, addresses, byte values. File sets, ring buffers.
    Hands on Capture filters.

  • Preferences
  • Configuration folders. Global and personal configurations. Capture preferences, name resolution, protocol settings. Colouring traffic. Profiles.
    Hands on Customising Wireshark.

  • Time
  • Packet time, timestamps, packet arrival times, delays, traffic rates, packets sizes, overall bytes.
    Hands on Measuring high latency.

  • Trace file statistics
  • Protocols and applications, conversations, packet lengths, destinations, protocol usages, strams, flows.
    Hands on Wireshark statistics.

  • Display filters
  • Applying, clearing, expressions, right click, conversations, endpoints, protocols, combining filters, specific bytes, regex filters.
    Hands on Display traffic.

  • Streams
  • Traffic reassembly, UDP and TCP conversations, SSL.
    Hands on Recreating streams.

  • Saving
  • Filtered, marked and ranges.
    Hands on Export.

  • TCP/IP Analysis
  • The expert system. DNS, ARP, IPv4, IPv6, ICMP, UDP, TCP.
    Hands on Analysing traffic.

  • IO rates and trends
  • Basic graphs, Advanced IO graphs. Round Trip Time, throughput rates.
    Hands on Graphs.

  • Application analysis
  • DHCP, HTTP, FTP, SMTP.
    Hands on Analysing application traffic.

  • WiFi
  • Signal strength and interference, monitor mode and promiscuous mode. Data, management and control frames.
    Hands on WLAN traffic.

  • VoIP
  • Call flows, Jitter, packet loss. RTP, SIP.
    Hands on Playing back calls.

  • Performance problems
  • Baselining. High latency, arrival times, delta times.
    Hands on Identifying poor performance.

  • Network forensics
  • Host vs network forensics, unusual traffic patterns, detecting scans and sweeps, suspect traffic.
    Hands on Signatures.

  • Command line tools
  • Tshark, capinfos, editcap, mergecap, text2pcap, dumpcap.
    Hands on Command tools.

Learning path

Reviews

5.0

Based on customer ratings

P. B. - CGG Veritas

"Very good instruction. Kept classes interesting and fun."


T. B. - BAE Systems

"The course gave the required amount of information and was very well presented."

Training approach

This structured training course seeks to build upon workbook learning through the use of group exercises, dynamic discussion and individual tasks in order to deliver an engaging and interactive module that will ensure all candidates are able to transfer their new skills into the workplace.