Course Details

Training On Computer Networks Administration with Wireshark

INTRODUCTION

Effective network administration is the cornerstone of a secure and efficient IT infrastructure. With the increasing complexity of modern networks, network administrators must be well-equipped to monitor, manage, and troubleshoot network performance, security, and traffic. One of the most powerful tools in a network administrator’s toolkit is Wireshark—a widely-used network protocol analyzer that provides deep insights into network traffic and helps in diagnosing and resolving network issues.

The Computer Networks Administration with Wireshark course is designed to provide IT professionals, network administrators, and security experts with the skills and knowledge needed to manage and secure networks effectively. This course emphasizes hands-on experience with Wireshark, enabling participants to monitor, capture, and analyze network traffic to identify performance issues, troubleshoot connectivity problems, and detect security threats.

Participants will gain a comprehensive understanding of how networks function, how protocols communicate, and how data flows through different layers of the network. By mastering Wireshark, they will learn how to dissect network packets, analyze data traffic, and ensure the integrity and performance of their network.

DURATION 

5 days.

TARGET AUDIENCE:

• Network Administrator Managers
• Network Analysts
• IT Administrators
• Security Analysts
• Network Technicians

OBJECTIVES

• Fundamentals of computer networks: network models, protocols, and packet structures.
• Installing, configuring, and effectively using Wireshark for network monitoring and troubleshooting.
• Capturing and analyzing network traffic in real-time to identify bottlenecks, misconfigurations, and potential threats.
• Understanding various network protocols (TCP/IP, HTTP, DNS, etc.) and how they interact in a network environment.
• Detecting security vulnerabilities and identifying network intrusions or abnormal traffic patterns.
• Optimizing network performance by analyzing traffic flow and identifying areas for improvement.
• Practical scenarios and case studies to reinforce the skills learned.

COURSE OUTLINE

Module 1: Introduction to Computer Networks

• Overview of Network Fundamentals:
  • Key concepts of networking: LAN, WAN, VLAN, and VPN.
  • Network devices: routers, switches, firewalls, and access points.
  • The OSI and TCP/IP models and their layers.
• Network Protocols Overview:
  • Common network protocols: TCP/IP, UDP, HTTP/S, DNS, DHCP, ICMP.
  • How data flows through a network (packet switching, routing, etc.).

Module 2: Introduction to Wireshark

• Wireshark Overview and Installation:
  • Introduction to Wireshark and its applications in network analysis.
  • Installation of Wireshark on different operating systems (Windows, macOS, Linux).
  • Basic Wireshark interface and navigation: toolbars, menus, and panels.
• Capturing Network Traffic:
  • Overview of packet capture methods.
  • Live capture vs. importing pre-recorded capture files.
  • Setting up capture filters to focus on relevant traffic.

Module 3: Packet Capture and Filtering

• Packet Capture Techniques:
  • Techniques for capturing network traffic on different interfaces (Ethernet, Wi-Fi, etc.).
  • Setting capture options (interface selection, promiscuous mode, etc.).
• Applying Capture and Display Filters:
  • Difference between capture and display filters.
  • Syntax and usage of Wireshark filters to focus on specific traffic (e.g., IP addresses, ports, protocols).
  • Practical examples of creating and using filters for common scenarios.

Module 4: Network Protocol Analysis

• Understanding Network Protocols:
  • Detailed analysis of common network protocols (Ethernet, ARP, IP, TCP, UDP, ICMP).
  • Understanding the structure of network packets and headers.
  • Protocol dissectors and how Wireshark decodes protocols.
• Analyzing Traffic Flow and Packet Behavior:
  • Inspecting the handshake and session establishment (e.g., TCP three-way handshake).
  • Analyzing the performance of protocols like DNS, HTTP, HTTPS, and more.
  • Identifying retransmissions, packet drops, and latency.

Module 5: Troubleshooting Network Issues with Wireshark

• Network Troubleshooting Techniques:
  • Identifying and diagnosing common network issues (latency, packet loss, connectivity issues).
  • Troubleshooting slow network performance using Wireshark’s performance metrics.
  • Identifying issues with TCP connections (e.g., SYN flood, retransmissions, window size issues).
• Practical Troubleshooting Scenarios:
  • Case studies: Troubleshooting real-world network issues such as slow downloads, DNS resolution problems, or intermittent connectivity.

Module 6: Performance Optimization and Traffic Analysis

• Analyzing Network Traffic Flow:
  • Bandwidth analysis: identifying bandwidth-hogging applications and users.
  • Analyzing data flows, congestion, and bottlenecks in the network.
• Optimizing Network Performance:
  • Techniques for enhancing network performance based on captured data.
  • Identifying and resolving network congestion points, jitter, and high latency.

Module 7: Advanced Filtering and Wireshark Customization

• Creating Advanced Filters:
  • Writing complex display and capture filters for deep traffic analysis.
  • Using logical operators and wildcards in filters to isolate specific traffic patterns.
• Wireshark Customization:
  • Customizing the Wireshark interface to improve analysis efficiency (profiles, coloring rules).
  • Using name resolution features to simplify packet analysis (DNS, MAC addresses).
  • Exporting and saving capture files for further analysis.

Module 8: Security Analysis with Wireshark

• Detecting Security Threats:
  • Identifying and analyzing security threats such as DoS attacks, port scanning, and malware traffic.
  • Using Wireshark to detect unauthorized access and abnormal traffic patterns.
• Analyzing Encrypted Traffic:
  • Understanding encryption protocols (SSL/TLS) and how Wireshark can analyze encrypted traffic.
  • Methods for inspecting encrypted traffic when keys are available.
• Packet and Network Intrusion Detection:
  • Identifying common network intrusion techniques.
  • Capturing and analyzing malicious traffic patterns.
  • Analyzing logs and event data from security incidents.

Module 9: Protocol-Specific Analysis

• HTTP and HTTPS Traffic Analysis:
  • Monitoring and analyzing web traffic.
  • Identifying potential vulnerabilities in HTTP and HTTPS communications.
• VoIP and Real-Time Communication Analysis:
  • Capturing and analyzing VoIP traffic (SIP, RTP, RTCP).
  • Understanding VoIP quality metrics (latency, jitter, packet loss) and troubleshooting call quality issues.
• Wireless Network Analysis:
  • Capturing and analyzing Wi-Fi traffic (802.11).
  • Detecting wireless network security issues and troubleshooting connection problems.

Module 10: Reporting and Documentation

• Documenting and Reporting Findings:
  • Generating Wireshark statistics and summaries for reporting.
  • Exporting Wireshark data for further analysis (CSV, JSON, etc.).
  • Writing clear and actionable reports based on network analysis.
• Case Study Review and Reporting Practice:
  • Conducting a full capture, analysis, and reporting exercise based on a simulated network problem.

CERTIFICATION

• Upon successful completion of this training, participants will be issued with Macskills Training and Development Institute Certificate

TRAINING VENUE

• Training will be held at Macskills Training Centre. We also tailor make the training upon request at different locations across the world.

AIRPORT PICK UP AND ACCOMMODATION

• Airport pick up and accommodation is arranged upon request

TERMS OF PAYMENT

• Payment should be made to Macskills Development Institute bank account before the start of the training and receipts sent to info@macskillsdevelopment.com