3-Day Quickstart

Tony will get you and your staff up and running with Wireshark in no time.

Tony will teach you and/or your staff using a ton of hands-on examples. Tony will have many live and case studies to reinforce Wireshark skills, as well as teaching you about networking, protocols and application behavior.


This course will concentrate on how to get up and running with Wireshark.

Throughout the class, Tony will determine which technical areas to focus on and review network concepts from a tactical perspective. Network basics are reinforced with hands-on examples in a collaborative environment.

Tony's famous “So What?” technique is reviewed with the students after any important concept is presented. This ensures that the students fully understand the theory or concept just presented before moving on.

The goal of the course is to empower the students with enough knowledge that they can immediately apply when they return to work. This technique leaves them with an inclination to understand new technology and to become an efficient troubleshooter.

  1. What is a Protocol Analyzer?
  2. TCP/IP Task Offload in NDIS 5
  3. Wireshark - Getting Started Tips
  4. Wireshark TCP Checksums
  5. Wireshark Desktop Shortcut to Start Capturing
  6. Windows Installation Command Line Option
  7. Make It Easier To Launch Wireshark
  8. Wireshark Edit -> Preferences
  9. Capture Options Dialogue Box
  10. Capturing From The Command Line
  11. Capture Filters
  12. Capture Stop Triggers and Ring Buffers
  13. Frame Display Options
  14. Name Resolution Notes
  15. Endpoints and Conversation List
  16. Flow Graph Statistics
  17. Expert Info
  18. Display Filters
  19. Follow UDP/TCP Stream
  20. Using Packet Bookmarks
  21. Composite Exporting from Wireshark into Excel for advanced reporting
  22. Capture packet from the command prompt to a file
  23. Search packet for payload specifics
  24. FTP & HTTP review
  25. Review TCP/UDP/IP protocols
  26. Saving filtered packets
  27. Troubleshooting Using Wireshark
  28. Dynamic Baselining
  29. To ARP or not to ARP? Promiscuous ARP
  30. DHCP
  31. Route, Netstat, nbtstat
  32. Tracert versus Ping, Internet Control Message Protocol (ICMP)
  33. PMTU discovery
  34. Time To Live Exceeded, Fragmentation
  35. What is TCP Window frozen, almost frozen and Window exceeded?
  36. How to determine if applications or stations are overloaded?
  37. Lots of hands-on exercises