+44 (0)1737 821590
Wireshark 101 for engineers  |    A 2 day   hands on   training course

Wireshark 101 training course description

Wireshark is a free network protocol analyser. This hands-on course focuses on troubleshooting networks using the Wireshark protocol analyser. The course concentrates on the product and students will gain from the most from this course only if they already have a sound knowledge of the TCP/IP protocols

What will you learn
  • Download and install Wireshark.
  • Capture and analyse packets with Wireshark.
  • Configure capture and display filters.
  • Customise Wireshark.
  • Troubleshoot networks using Wireshark.
Wireshark 101 training course details

Wireshark 101 training course contents

  • What is Wireshark?
  • Protocol analysers, Wireshark features, versions, troubleshooting techniques with Wireshark.

  • Installing Wireshark
  • Downloading Wireshark, UNIX issues, Microsoft issues, the role of winpcap, promiscuous mode, installing Wireshark. Wireshark documentation and help.
    Hands on Downloading and installing Wireshark.

  • Capturing traffic
  • Starting and stopping basic packet captures, the packet list pane, packet details pane, packet bytes pane, interfaces, using Wireshark in a switched architecture.
    Hands on Capturing packets with Wireshark.

  • Troubleshooting networks with Wireshark
  • Common packet flows.
    Hands on Analysing a variety of problems with Wireshark.

  • Capture filters
  • Capture filter expressions, capture filter examples (host, port, network, protocol), primitives, combining primitives, payload matching.
    Hands on Configuring capture filters.

  • Working with captured packets
  • Live packet capture, saving to a file, capture file formats, reading capture files from other analysers, merging capture files, finding packets, going to a specific packet, display filters, display filter expressions.
    Hands on Saving captured data, configuring display filters.

  • Analysis and statistics with Wireshark
  • Enabling/disabling protocols, user specified decodes, following TCP streams, protocol statistics, conversation lists, endpoint lists, I/O graphs, protocol specific statistics.
    Hands on Using the analysis and statistics menus.

  • Command line tools
  • Tshark, capinfos, editcap, mergecap, text2pcap, idl2eth.
    Hands on Using tshark.

  • Advanced issues
  • 802.11 issues, management frames, monitor mode, packet reassembling, name resolution, customising Wireshark.
    Hands on Customising name resolution.

Learning path



Based on customer ratings

M. M. - Cobham Aviation Services

"Excellent course. Already told colleagues to get on it."

A. H-S. - Optasense

"Plenty of content and good structure and documentation for future reference."

Training approach

This structured training course seeks to build upon workbook learning through the use of group exercises, dynamic discussion and individual tasks in order to deliver an engaging and interactive module that will ensure all candidates are able to transfer their new skills into the workplace.