Wireshark Packet Analysis Boot Camp (PAPW)

Course Description Schedule Course Outline

About this Course

Packet Analysis Power Workshop (PAPW) is a 5 day Fast Lane course designed to give you a basic understanding of how to use the Wireshark Analyzer with all features and functions. You will gain knowledge on troubleshooting network protocols and pinpointing the source of bad performance using Wireshark. The PAPW training class reinforces the instruction by providing you with plenty of hands-on labs in which a wide range of network problems are closely examined.

Who should attend

  • Network administrators, network managers, and all technical staff who are responsible for planning, implementing and ensuring high performance operation of their data networks.

Class Prerequisites

What You Will Learn

Upon completing this course,you will be able to meet these overall objectives:

  • Master the Wireshark user interface and configuration
  • Select measuring point and measuring technique
  • Collect and evaluating network statistics
  • Identify probable causes
  • Examine network protocol layers for abnormal behavior
  • Determine the source of a problem: network, workstation, server or application
  • Improve network performance where possible
  • Correct inefficient network configurations

Outline: Wireshark Packet Analysis Boot Camp (PAPW)

Features, functions and basic operation of Wireshark Analyzer

  • Introduction and operation of Wireshark
  • Live Capture and Live Capture settings
  • Display options and basic interpretation
  • Working with Display Filters and Capture Filters
  • File Input and Output

Advanced features of Wireshark Analyzer

  • Preferences and user profiles
  • Name resolution
  • Reconstructing user data – Protocol reassembly
  • Packet colorization

Methodology and techniques of network analysis

  • What is packet analysis?
  • Steps and techniques for analyzing traffic
  • Analysing Switched Ethernet - Tapping into the network
  • Capturing wireless network traffic
  • Measuring network delay and response time
  • Measuring network throughput and overhead

Statistics and Baselining

  • Baselining of networks and applications
  • Wireshark statistics

Analysing networks and applications

  • Typical network related problems
  • Application types and typical application related problems
  • "Is it the network or the application?" – Fault isolation
  • Analysing and reconstructing voice traffic

Switched Ethernet analysis

  • Spanning Tree operation and Spanning Tree analysis
  • Analyzing VLANs, VLAN-Tagging

TCP/IP analysis of the network layer

  • IP addressing
  • Typical IP scenarios
  • IP options
  • ICMP, ARP and DHCP

TCP/IP analysis of the transport layer

  • TCP functions
  • Session Setup, Data Transfer and Session Teardown
  • Window Mechanism and Window optimization
  • TCP options (SACK, Window Scaling) and TCP timers
  • UDP functions

Analyzing TCP/IP with Wireshark

  • Wireshark preferences for advanced TCP/IP analysis
  • Typical TCP/IP related problems
  • Wireshark Expert Info messages and their meanings

TCP/IP applications

  • HTTP
  • FTP
  • DNS
  • SSL


  • Searching in a tracefile
  • Display Filter
  • TCP Paket Reassembly
  • TCP Graphs
  • Throughput and Overhead
  • Case Study
  • Spanning Tree Analysis
  • Troubleshooting ICMP
  • ARP Operation
  • DHCP problems
  • TCP Handshake & Options
  • TCP Sliding Window
  • Packet Retransmissions
  • Nagle Algorithm
  • FTP Troubleshooting
  • HTTP
Classroom Training

Duration 5 days

  • United States: US$ 3,595
Enroll now
Online Training

Duration 5 days

  • United States: US$ 3,595
Enroll now