- Good knowledge of TCP/IP networking
1. Introduction to network troubleshooting
• Troubleshooting tools
• Root cause analysis
• Troubleshooting methodologies
2. Introduction to Wireshark
• Overview of Wireshark Features
• Navigating the UI
• Capture and display filters
• Configuring Global Preferences
• Navigation and Colorization Techniques
• Using Time Values and Summaries
• Examining Basic Trace File Statistics
• Save, Export and Print
• Configuration best practices (ease of use, optimal performance)
3. Capture and Display Filters
• Capture filters – basics and filter language
• Display filters – basics and filter language
• Useful filters
• Advanced capture filter scripts
• Advanced Display filters
• Triggered filters
4. Analyzing by Traffic Type
• IPv4, ICMP, DNS, ARP, UDP, TCP, HTTP/HTTPS, FTP, IPv6, ICMPv6
• Troubleshooting TCP/IP Applications, TCP/IP Resolution Flowchart
• Troubleshooting Enterprise Application Networking Issues
5. Time Values and Summaries
• Use the default time column setting and precision
• Use time between packets
• Set a time reference and view capture times
• Troubleshooting timing problems
6. Command-Line Tools
• TShark and Dumpcap Command-Line Tools
• Capinfos Command-Line Tool
• Editcap Command-Line Tool
• Mergecap Command-Line Tool
• Text2pcap Command-Line Tool
• Split and Merge Trace Files
7. Statistics Tools
• I/O graphs
• Flow graphs
• Round-Trip-Time graphs
• Service response times
• Analyze TCP/IP back-and-forth flows
• Analyze application flows
8. Expert System Usage
• Exploring the Expert System
• Normal and abnormal network communications
• Causes of Performance Problems
• Packet loss, ACKs that take too long, and retransmissions
• Dealing with congestion - shattered windows and flooding
• Baseline network communications
• Unusual network communications
• Vulnerabilities in the TCP/IP resolution process