Wireshark Fundamentals

Wireshark Fundamentals

by Jerome Henry / James Garringer
Released May 2017
Publisher(s): Pearson
ISBN: 0134767500

Read it now on the O’Reilly learning platform with a 10-day free trial.

O’Reilly members get unlimited access to books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.

Start your free trial

Video description

Nearly 5 Hours of Expert Video Instruction

The Wireshark Fundamentals LiveLessons video training course offers nearly 5 hours of expert instruction on using the free, open source Wireshark to troubleshoot Ethernet and Wi-Fi networks, and the protocols they transport.

Presented by instructors who’ve helped thousands of professionals master advanced networking,

Wireshark Fundamentals LiveLessons illuminates all the techniques you need to solve real network problems with Wireshark. Its 10 well-organized lessons and 44 concise sublessons teach through real examples, easy-to-follow animations, and detailed audio explanations.

Experienced network engineers James Garringer and Jerome Henry demystify Wireshark’s complex options and command-line scripting language. They guide you step-by-step through troubleshooting common media and protocols, revealing hidden “gems” that help make Wireshark amazingly powerful and efficient.

No matter what kind of network you’re responsible for, Wireshark Fundamentals LiveLessons will help you improve its reliability, performance, and security.

  • Understanding Wireshark versions, flavors, and hardware support
  • Installing and customizing Wireshark
  • Building highly-efficient profiles for specific troubleshooting tasks
  • Performing Layer 2 or Layer 3 captures
  • Exploring standard network exchanges (DNS, DHCP, ICMP, FTP, HTTP, and more)
  • Capturing and visualizing encrypted traffic
  • Personalizing the Wireshark interface
  • Using filters and advanced filtering to focus on the data you really need
  • Identifying trends with Wireshark’s advanced analysis tools
  • Using Wireshark’s powerful command-line options
  • Exporting Wireshark captures to other tools

About the Instructors

James Garringer (Atlanta, GA) is an experienced consulting engineer who specializes in Wi-Fi and networking for education, healthcare, and enterprise customers throughout the United States. Garringer has a special interest in Wireshark and protocol analysis and has spent considerable time performing frame and packet analysis in customer and lab environments. A Certified Wireless Network Expert (CWNE No. 179), he also serves on the CWNP Board of Advisors, and on the WLAN Advisory Board. He has more than 10 years of experience as a speaker and teacher.

Jerome Henry (Pittsboro, NC) is Principal Engineer at Cisco focusing on end-to-end optimizations. He has 12+ years of experience teaching technical Cisco courses and products in 15 countries and 4 languages. Through 10,000+ hours in the classroom, he has taught audiences ranging from college students to Cisco system engineers. He holds Certified Wireless Networking Expert (CWNE No. 45), CCIE Wireless (No. 24750), and CCNP Wireless certifications, has authored several books on Cisco wireless technologies, and has developed multiple Cisco courses on wireless topics, including IUWNE, IUWMS, IUWVN, CUWSS, IAUWS, and LBS.

Skill Level

  • All levels

Learn How To

  • Compare and select the right version of Wireshark for your needs
  • Install and configure Wireshark and its adapters
  • Create, save, work with, and troubleshoot captures
  • Capture at different points of your network
  • Personalize Wireshark’s interface with profiles
  • Improve precision and efficiency with basic and advanced filters
  • Use statistics, include IO graphs, flows, streams, and hierarchies
  • Quickly spot anomalies and understand expert error information
  • Work from the command line interface with Tshark and Editcap
  • Complement and extend Wireshark with other tools
  • Share your findings

Who Should Take This Course

For all network engineers and other network professionals at all levels who need to troubleshoot networks, especially those responsible for wireless networks.

Course Requirements

Requires a basic understanding of networking technology.

About Pearson Video Training

Pearson’s expert-led video tutorials teach you the technology skills you need to succeed. These professional and personal technology videos feature world-leading author instructors published by your trusted technology brands: Addison-Wesley, Cisco Press, Pearson IT Certification, Prentice Hall, Sams, and Que. Topics include: IT certification, programming, web and mobile development, networking, security, and more. Learn more about Pearson Video training at http://www.informit.com/video

Table of contents

  1. Introduction
    1. Introduction: Wireshark vs. Others
  2. Lesson 1: Choosing Your Analyzer
    1. Learning objectives
    2. 1.1 Choosing a Laptop
    3. 1.2 Adapter Selection
    4. 1.3 Capturing from the Network
    5. 1.4 Capturing from Multiple Sources
    6. 1.5 Limitations of Software-based Analyzers
  3. Lesson 2: Install and Setup Wireshark
    1. Learning objectives
    2. 2.1 Downloading Wireshark
    3. 2.2 Install as an Administrator or a Standard User
    4. 2.3 Configuring Your Adapters for use with Wireshark
    5. Summary
  4. Lesson 3: Your First Capture
    1. Learning objectives
    2. 3.1 Selecting Your Capture Source
    3. 3.2 Working with Capture Options
    4. 3.3 Starting, Stopping, and Saving Captures
    5. 3.4 Working with Captures
    6. 3.5 Working with Encrypted Captures
    7. 3.6 Mapping OSI Model to a Captured Frame
    8. 3.7 Troubleshooting Techniques
    9. Summary
  5. Lesson 4: Looking at Standard Exchanges
    1. Learning objectives
    2. 4.1 Understanding Capture Fields
    3. 4.2 Capturing at Different Points of the Network
    4. 4.3 Following Conversations: DNS
    5. 4.4 Following Conversations: HTTP
    6. 4.5 Following Conversations: ICMP
    7. 4.6 Following Conversations: FTP
    8. 4.7 Dissectors and Port Numbers
  6. Lesson 5: Personalizing the Interface
    1. Learning objectives
    2. 5.1 Creating a Profile
    3. 5.2 Switching Between Profiles Based on Troubleshooting Need
    4. 5.3 Using Columns
    5. 5.4 Understanding Coloring Rules
    6. 5.5 Commenting Packets
    7. Summary
  7. Lesson 6: Using Filters
    1. Learning objectives
    2. 6.1 Using Capture vs. Display Filters
    3. 6.2 Using Capture Filters
    4. 6.3 Using Capture Filters Continued
    5. 6.4 Using Display Filters
  8. Lesson 7: Advanced Filtering
    1. Learning objectives
    2. 7.1 Combining Filters
    3. 7.2 Avoiding Common Filter Pitfalls
    4. 7.3 Using Contains and Matches Conditions, Wildcards
    5. 7.4 Sharing Filters
    6. Summary
  9. Lesson 8: Using Statistics
    1. Learning objectives
    2. 8.1 Using IO Graphs
    3. 8.2 Identifying Top Talkers
    4. 8.3 Following Flows and Streams
    5. 8.4 Using Applications and Protocol Hierarchy, Spotting Anomalies
    6. 8.5 Personalizing IO Graph
    7. 8.6 Understanding Expert Information
    8. Summary
  10. Lesson 9: Using the CLI
    1. Learning objectives
    2. 9.1 Capturing Traffic with Tshark
    3. 9.2 Display Information and Statistics
    4. 9.3 Using Editcap to Split Large Files
    5. 9.4 Common Options
    6. Summary
  11. Lesson 10: Beyond Wireshark
    1. Learning objectives
    2. 10.1 Exporting Packets to Other Tools
    3. 10.2 Analyzing in Other Tools
    4. 10.3 Working with Larger Files
    5. 10.4 Sharing Your Findings
  12. Summary
    1. Wireshark Fundamentals: Summary

Product information

  • Title: Wireshark Fundamentals
  • Author(s): Jerome Henry / James Garringer
  • Release date: May 2017
  • Publisher(s): Pearson
  • ISBN: 0134767500