CIS216 — Introduction to Wireshark and Network Analysis
4, 3 lecture periods, 2 lab periods

Introduction to network analysis with Wireshark and other tools. Includes key Wireshark elements to analyze and identify TCP/IP traffic using capture, display, color filtering, profiles, graphing, and more. Includes the exploration of the basics for analyzing and defining information as provided by network monitoring and intrusion detection. Use filters to evaluate network traffic in order to solve complex issues. Demonstrate the use of Wireshark features to identify complex network protocols.

Outline:

Key Wireshark Elements and Traffic Flows
    Wireshark traffic capture
    Differentiate a packet from a frame
    Hyper-Text Transfer Protocol (HTTP) packet through a network
    Wireshark resources
    Typical network traffic
    Open trace files captured with other tools

Customize Wireshark Views and Settings
    Columns in the packet list pane
    Wireshark dissectors
    Non-standard port numbers
    Wireshark displays certain traffic types
    Wireshark for different tasks (profiles)
    Wireshark configuration files
    Time columns to spot latency problems

Capture Method and Capture Filters
    Best capture location to troubleshoot slow browsing or file downloads
    Options for Ethernet network
    Options for wireless network
    Active interfaces
    Tons of traffic
    Techniques to spot sporadic problems
    Amount of traffic you have to work with
    Traffic based on addresses Media Access Control/Internet Protocol (MAC/IP)
    Traffic for a specific application
    Specific Internet Control Message Protocol (ICMP) tra

Prerequisites: CIS119