Course Outline
- Command-Line Tools and How to Use Them
- TShark and Dumpcap Command-Line Tools
- Capinfos Command-Line Tool
- Editcap Command-Line Tool
- Mergecap Command-Line Tool
- Text2pcap Command-Line Tool
- Split and Merge Trace Files
- Advanced usage of Capture and Display Filters
- Writing advanced Capture filter scripts
- Writing Advanced Display filters
- Using triggered filters
- Advanced Usage of the Expert System
- Dealing with congestion - shattered windows and flooding
- Baseline network communications
- Unusual network communications
- Vulnerabilities in the TCP/IP resolution process
- Lab exercises and case studies
- Who is talking?
- Port Scans
- Mutant Scans
- IP Scans
- Application Mapping
- OS Fingerprinting
- Lab exercises and case studies
- VoIP Analysis
- SIP analysis and troubleshooting
- RTP, RTCP and media analysis
- Creating VoIP filters and analysis profiles
- Lab exercises and case studies
- Applications Analysis and Troubleshooting
- HTTP analysis and troubleshooting
- FTP analysis and troubleshooting
- DNS operation and troubleshooting
- Video transmission analysis
- Databases network-related problems
- Network Security and Forensics Basics
- Gather information – what to look for
- Unusual traffic patterns
- Complementary tools
- Detecting Security Suspicious Patterns
- MAC and IP address spoofing
- Attacks signatures and signature locations
- ARP poisoning
- Header and sequencing signatures
- Attacks and exploits
- TCP splicing and unusual traffic
- DoS and DDoS Attacks
- Protocol scans
- maliciously malformed packets
- Lab exercises and case studies
Requirements
Participants must have in-depth knowledge of the TCP/IP protocol stack and have either completed the 'Basic Network Troubleshooting using Wireshark' course or possess equivalent knowledge. Attendees must bring their own laptops with Wireshark software installed, which can be downloaded free of charge from www.wireshark.org.
Testimonials (5)
Many exercises, good knowladge
Piotr Kucharski
Course - Advanced Network Troubleshooting Using Wireshark
interesting practical cases
Robert
Course - Advanced Network Troubleshooting Using Wireshark
First of all it was very interesting practically for all topics covered by this training. Well balanced with theory, practise labs and breaks. Some of tips and tricks I have introduced to my work yet.
Dawid Wozny - ATOS PGS sp. z o.o.
Course - Advanced Network Troubleshooting Using Wireshark
That the Wojciech Wójcik knowledge is really huge.
Kornel - ATOS PGS sp. z o.o.
Course - Advanced Network Troubleshooting Using Wireshark
trainer listen to participants
