JavaScript seems to be disabled in your browser.
You must have JavaScript enabled in your browser to utilize the functionality of this website.

Home
4 Days Wireshark Network Analysis Specialization

4 Days Wireshark Network Analysis Specialization

19 Review(s) | Add Your Review

Step into the world of advanced network analysis with our 4-day Wireshark specialization course. This intensive program is designed to equip attendees with the skills to unravel the complexities of network behaviors, performance bottlenecks, and potential security vulnerabilities. The training lays emphasis on key areas such as identifying performance glitches arising from path latency, pinpointing devices that drop packets, and validating the optimal configuration of network hosts. It goes a step further to analyze intricate dependencies, optimize application behaviors, and offer insights into the functionalities of TCP/IP networks.

In the modern digital environment, understanding the behavior and security of applications during various stages is paramount. This course hones in on techniques to verify application security during crucial junctures like login, launch, and data transfer. Participants will also learn to spot anomalies in network traffic, indicative of potentially compromised hosts, and develop proficiency in using graphical representations to report issues such as server performance slowdowns, packet losses, and network congestion. By the end of this immersive course, attendees will have transformed into network analysis mavens, adept at leveraging Wireshark for optimal network health and security.

Course Brochure

Download Network Analysis with Wireshark

Certificate

All participants will receive a Certificate of Completion from Tertiary Courses after achieved at least 75% attendance.

Funding and Grant Applications

SGTech STAR Fund

Free course for SGTech members after SGTech STAR Funding.. For details, check here.

Course Code: C1123

Course Booking

The course fee listed below is before subsidy/grant, if applicable. We will apply for the grant and send you the invoice with nett fee.

$1,200.00 (GST-exclusive)

$1,308.00 (GST-inclusive)

Mode of Training

Physical Classroom Training
Synchronised Teaching using ZOOM
Corporate Training at Company Premise

Course Date * Course Date

Course Time * Course Time: No. of Participants

Sponsorship *

Self-Sponsored
Organisation-Sponsored

Name(s) on Certificate *

Additional Message or Emails for Course Notification

* Required Fields

Post-Course Support

We provide free consultation related to the subject matter after the course. Please email your queries to enquiry@tertiaryinfotech.com and we will forward your queries to the subject matter experts and get back to you asap.

Course Cancellation/Reschedule Policy

We reserve the right to cancel or re-schedule the course due to unforeseen circumstances. If the course is cancelled, we will refund 100% to participants.
Note the venue of the training is subject to changes due to class size and availability of the classroom.
Note the minimal class size to start a class is 3 Pax.

Course Details

Topic 1. Introduction to Network Analysis and Wireshark

TCP/IP Analysis Checklist
Top Causes of Performance Problems
Get the Latest Version of Wireshark
Capturing Traffic
Opening Trace Files
Processing Packets
The Qt Interface Overview
Using Linked Panes
The Icon Toolbar
Master the Intelligent Scrollbar
The Changing Status Bar
Right-Click Functionality
General Analyst Resources
Your First Task When You Leave Class

Topic 2. Learn Capture Methods and Use Capture Filters

Analyze Switched Networks
Walk-Through a Sample SPAN Configuration
Analyze Full-Duplex Links with a Network TAP
Analyze Wireless Networks
USB Capture
Initial Analyzing Placement
Remote Capture Techniques
Available Capture Interfaces
Save Directly to Disk
Capture File Configurations
Limit Your Capture with Capture Filters
Examine Key Capture Filters

Topic 3. Customize for Efficiency: Configure Your Global Preferences

First Step: Create a Troubleshooting Profile
Customize the User Interface
Add Custom Columns for the Packet List Pane
Set Your Global Capture Preferences
Define Name Resolution Preferences
Configure Individual Protocol Preference

Topic 4. Navigate Quickly and Focus Faster with Coloring Techniques

Move Around Quickly: Navigation Techniques
Find a Packet Based on Various Characteristics
Build Permanent Coloring Rules
Identify a Coloring Source
Use the Intelligent Scrollbar with Custom Coloring Rules
Apply Temporary Coloring
Mark Packets of Interest

Topic 5. Spot Network and Application Issues with Time Values and Summaries

Examine the Delta Time (End-of-Packet to End-of-Packet)
Set a Time Reference
Compare Timestamp Values
Compare Timestamps of Filtered Traffic
Enable and Use TCP Conversation Timestamps
Compare TCP Conversation Timestamp Values
Determine the Initial Round Trip Time (iRTT)
Troubleshooting Example Using Time
Analyze Delay Types

Topic 6. Create and Interpret Basic Trace File Statistics

Examine Trace File Summary Information
View Active Protocols
Graph Throughput to Spot Performance Problems Quickly
Locate the Most Active Conversations and Endpoints
Other Conversation Options
Graph the Traffic Flows for a More Complete View
Burst Statistics
Numerous Other Statistics are Available
Quick Overview of VoIP Traffic Analysis
SIP and RTP Analysis Overview
SIP Call Setup
Analyzing Call Setup with SIP
Session Bandwidth and RTP Port Definition

Topic 7. Focus on Traffic Using Display Filters

Display Filters
Filter on Conversations/Endpoints
Build Filters Based on Packets
Display Filter Syntax
Use Comparison Operators and Advanced Filters
Filter on Text Strings
Build Filters Based on Expressions
Watch for Common Display Filter Mistakes
Share Your Display Filters

Topic 8. TCP/IP Communications and Resolutions Overview

TCP/IP Functionality
When Everything Goes Right
The Multi-Step Resolution Process
Resolution Helped Build the Packet
Where Faults Can Occur
Typical Causes of Slow Performance

Topic 9. Analyze DNS Traffic

DNS Overview
DNS Packet Structure
DNS Queries
Filter on DNS Traffic
Analyze Normal/Problem DNS Traffic

Topic 10. Analyze ARP Traffic

ARP Overview
ARP Packet Structure
Filter on ARP Traffic
Analyze Normal/Problem ARP Traffic

Topic 11. Analyze IPv4 Traffic

IPv4 Overview
IPv4 Packet Structure
Analyze Broadcast/Multicast Traffic
Filter on IPv4 Traffic
IP Protocol Preferences
Analyze Normal/Problem IP Traffic

Topic 12. Analyze ICMP Traffic

ICMP Overview
ICMP Packet Structure
Filter on ICMP Traffic
Analyze Normal/Problem ICMP Traffic

Topic 13. Analyze UDP Traffic

UDP Overview
Watch for Service Refusals
UDP Packet Structure
Filter on UDP Traffic
Follow UDP Streams to Reassemble Data
Analyze Normal/Problem UDP Traffic

Topic 14. Analyze TCP Protocol

TCP Overview
The TCP Connection Process
TCP Handshake Problem
Watch Service Refusals
TCP Packet Structure
The TCP Sequencing/Acknowledgment Process
Packet Loss Detection in Wireshark
Fast Recovery/Fast Retransmission Detection in Wireshark
Retransmission Detection in Wireshark
Out-of-Order Segment Detection in Wireshark
Selective Acknowledgement (SACK)
Window Scaling
Window Size Issue: Receive Buffer Problem
Window Size Issue: Unequal Window Size Beliefs
TCP Sliding Window Overview
Troubleshoot TCP Quickly with Expert Info
Filter on TCP Traffic and TCP Problems
Properly Set TCP Preferences
Follow TCP Streams to Reassemble Data 16. Examine Advanced Trace File Statistics
Build Advanced IO Graphs
Graph Round Trip Times
Graph TCP Throughput
Find Problems Using TCP Time-Sequence Graphs

Topic 15. Graph Traffic Characteristics

Advanced I/O Graphing
Graph Round Trip Times
Graph TCP Throughput
Find Problems Using TCP Time Sequence Graphs

Topic 16. Analyze HTTP Traffic

HTTP Overview
HTTP Packet Structure
Filter on HTTP Traffic
Reassembling HTTP Objects
HTTP Statistics
HTTP Response Time
Overview of HTTP/2
HTTP/2 Analysis Fundamentals
HTTP /2 Frame Format
Analyze Normal/Problem HTTP Traffic

Topic 17. Analyze TLS-Encrypted Traffic (HTTPS)

Analyze HTTPS Traffic
Encrypted Alerts
Decryption Steps
Filter on SSL

Topic 18. Review Your 10 Key Troubleshooting Steps

Baseline "Normal Traffic
Use Color
Look Who's Talking: Examine Conversations and Endpoints
Focus by Filtering
Create Basic IO Graphs
Examine Delta Time Values
Examine the Expert System
Follow the Streams
Graph Bandwidth Use, Round Trip Time, and TCP Time/Sequence Information
Watch Refusals and Redirections

Course Info

Promotion Code

Your will get 10% discount voucher for 2nd course onwards if you write us a Google review.

Minimum Entry Requirement

Knowledge and Skills

Able to operate using computer functions
Minimum 3 GCE ‘O’ Levels Passes including English or WPL Level 5 (Average of Reading, Listening, Speaking & Writing Scores)

Attitude

Positive Learning Attitude
Enthusiastic Learner

Experience

Minimum of 1 year of working experience.

Target Age Group: 18-65 years old

Minimum Software/Hardware Requirement

Software:

Please download and install Wireshark https://www.wireshark.org/#download.

Hardware: Window or Mac Laptops

Job Roles

Anyone interested in learning to troubleshoot and optimize TCP/IP networks and analyze network traffic with Wireshark, especially network engineers, information technology specialists, security analysts, and those preparing for the Wireshark Certified Network Analyst exam.

Recommended Prerequisite Knowledge/ Capabilities Students

Good to have a strong working knowledge of interconnecting device functionality (switch, router, NAT, for example) and be comfortable with the elements of the TCP/IP protocol suite (ARP, TCP, UDP, IP, DHCP, ICMP, for example).

Trainers

Muhammed Siraj: Muhammed Siraj is an IT executive, lecturer, trainer, security expert, developer, hardware technician, and entrepreneur with over 15 years of experience in the IT profession. He is an experienced IT instructor who has delivered several lecturers in the area of Cybersecurity, Computer Forensics, and Fraud detection to the military, police, CID, Financial Institutions, among others. In addition to training, he provides consultancy services to Educational and Governmental Institutions in the area of computer security and adoption of Open Source solutions. His experience and knowledge acquired from Ghana, Mali, Denmark, South Africa, and Malaysia, enables him to interact with people of different cultural backgrounds very well.

Truman Ng: Truman Ng is a ACTA certified trainer that graduated with Bachelor Degree in Electrical Engineering from NUS in year 2002. He designed Artificial Intelligence (AI) controller for DC-DC Power Convertor by using Fuzzy Logic and Neural Network (NN) as his university Final Year Project.

Truman has over 15 years project experiences across Database & Web Design, PLC machinery, Data Center Design , Structure Cabling System(SCS) and Enterprise Network Design and Implementation. He used to be a network architect for Hewlett Packard, working with a group of virtual team from the US in handling network design and projects in the States.

Truman is the founder of Nexplore (S) Pte Ltd. He provides solutions of Cloud SaaS, IaaS & PaaS and Software Defined Network (SDN), VoIP and Internet Security. He was engaged by Huawei Global Training Center to provide 60+ consultations and trainings for Internet Service Providers(ISP) from Malaysia, Singapore, Brunei, Philippines, Australia, Poland, Iran, South Africa, Swaziland, Cote Dlvoire, Syria, Uzbekistan, New Zealand and countries over the world.
As achievement, Truman has successfully completed 100+ IT network projects for Bank, Hotel and Factory within 5 years.
Truman is certified in PMP, Cisco CCNP, CCIP, CCDP, HP Ase and Huawei HCNP, HCIE R&S, HCNA Cloud, HCNA Security, etc.