+44 (0)1737 821590
Wireshark 101 for engineers  |    A 2 day   hands on   training course

Wireshark 101 training course description

Wireshark is a free network protocol analyser. This hands-on course provides a starting point for troubleshooting networks using Wireshark. The course concentrates on the Wireshark product and students will gain from the most from this course only if they already have a sound knowledge of the TCP/IP protocols.

What will you learn
  • Download and install Wireshark.
  • Capture and analyse packets with Wireshark.
  • Configure capture and display filters.
  • Customise Wireshark.
  • Troubleshoot networks using Wireshark.
Wireshark 101 training course details

Wireshark 101 training course contents

  • What is Wireshark?
  • Protocol analysers, Wireshark features, versions, troubleshooting techniques with Wireshark.

  • Installing Wireshark
  • Downloading Wireshark, UNIX issues, Microsoft issues, the role of winpcap, promiscuous mode, installing Wireshark. Wireshark documentation and help.
    Hands on Downloading and installing Wireshark.

  • Capturing traffic
  • Starting and stopping basic packet captures, the packet list pane, packet details pane, packet bytes pane, interfaces, using Wireshark in a switched architecture.
    Hands on Capturing packets with Wireshark.

  • Troubleshooting networks with Wireshark
  • Common packet flows.
    Hands on Analysing a variety of problems with Wireshark.

  • Capture filters
  • Capture filter expressions, capture filter examples (host, port, network, protocol, worm), primitives, combining primitives, payload matching.
    Hands on Configuring capture filters.

  • Display filters
  • Applying and clearing filters. Protocol, fields, addresses, frames containing strings. Filter comparisons. Combining filters. Finding packets, marking packets.
    Hands on Configuring display filters.

  • Working with captured packets
  • Live packet capture, saving to a file, capture file formats, reading capture files from other analysers, merging capture files.
    Hands on Saving captured data.

  • Analysis and statistics with Wireshark
  • Following TCP streams, protocol statistics, conversation lists, endpoint lists, I/O graphs, protocol specific statistics.
    Hands on Using the analysis and statistics menus.

  • Command line tools
  • Tshark, tethereal, capinfos, editcap, mergecap, text2pcap, idl2eth.
    Hands on Using tshark.

  • Advanced issues
  • 802.11 issues, management frames, monitor mode, packet reassembling, name resolution, customising Wireshark.
    Hands on Customising name resolution.

Learning path



Based on customer ratings

M. M. - Cobham Aviation Services

"Excellent course. Already told colleagues to get on it."

A. H-S. - Optasense

"Plenty of content and good structure and documentation for future reference."

Training approach

This structured training course seeks to build upon workbook learning through the use of group exercises, dynamic discussion and individual tasks in order to deliver an engaging and interactive module that will ensure all candidates are able to transfer their new skills into the workplace.