Specialized Pentesting Courses | Home | About | Contact | Blog | Glossary         



Download in PDF:    This Course   

Wireshark Expert Training

This training session gives you an in depth understanding of how to use the Wireshark Analyzer with all features and functions. You will gain knowledge on troubleshooting network protocols and pinpointing the source of bad performance using Wireshark. This training reinforces the instruction by providing you with plenty of hands-on labs in which a wide range of network problems are closely examined.

Upon completing this course, you will be able to meet these overall objectives:

Training we offer:
Course Name  Wireshark & Nmap Expert 
Course Duration  3 weeks 
Course Mode  Training Academy or On-site Training for Corporates & Colleges
Prerequisite  MCITP, CCNA, RHCE @ ARIZONA 

Wireshark Expert Training Syllabus

    Overview Network Analysis
  • Overview Wireshark & Ethereal
  • Special Capture Hardware
  • Installation and first capture

  • User Interface and Navigation
  • View Panes
  • Toolbar and Statusbar
  • Decode and Hexview
  • Column Configuration
  • Searching in Tracefiles
  • Using Display Filters
  • Capture to Disk and Ring buffer Capture
  • Capture Filters
  • Open, Save, Export, Print for captured network data

  • Additional Configuration and command line tools
  • Name resolution: MAC, Network, Service
  • GeoIP localization of IP addresses
  • Colorization of packets with specific attributes
  • TCP Protocol Reassembly for reconstructing content
  • Wireshark Peculiarities: Checksum errors, wrong frame size readings
  • Configuration profiles for keeping multiple settings
  • Command line tools: tshark, mergecap, editcap, dumpcap

  • Functions and Statistics
  • Baselining the network
  • Summary Statistics
  • Endpoint List, Conversation List
  • Protocol Hierarchy
  • TCP Stream Graphs and Round Trip Time
  • I/O Graph and Flow Graph
  • The Wireshark Expert
  • Service Respone Time Statistics

  • Analysis Fundamentals
  • Network, Server, Cient or Application
  • Procedures to track down Problems
  • Planning captures
  • Point of Capture: HUB, SPAN
  • Response Time, Overhead, Throughput

  • Troubleshooting
  • Troubleshooting Bottom-Up vs. Top-Down
  • Proving the Opposite
  • Correcting Problems
  • Typical Network Problems Overview
  • Application Design Errors
  • Application Types: Throughput, Transaction, Stream
  • Performance Parameters
  • Measuring Bandwidth
  • Response Times, Delay
  • TCP Turns

  • Capturing network data
  • Topology: Cable vs. Wireless
  • Half Duplex / Full Duplex
  • Hub, SPAN, RSPAN, TAP/Splitter
  • Duplicate Frame Problem
  • Wireless capture
  • Best Practice

  • Ethernet
  • Ethernet Standard
  • Duplex and Speed, Autonegotiation
  • Spanning Tree, RSTP
  • VLANs

  • Internet Protocol (IP)
  • Best Effort Delivery
  • Fragmentation
  • Basic Routing

  • ICMP
  • ICMP Codes and Types
  • Echo Request/Echo Reply
  • Destination Unreachable
  • TTL exceeded, Redirect

  • ARP
  • Determining MAC address for IP
  • ARP in a routed network
  • Gratuitous ARP
  • Locating problems with ARP
  • Proxy ARP

  • DHCP
  • DHCP functions, DORA
  • DHCP Options
  • Static assignments, address pools
  • DHCP Inform
  • DHCP Relay Agent / IP Helper

  • TCP & UDP
  • TCP characteristics
  • TCP Flags, TCP Ports, Sockets
  • Three-Way-Handshake and Graceful Shutdown
  • Reset Packets, rejected Sessions
  • TCP header options
  • TCP Connection States
  • Sequence and Acknowledge
  • Sliding Window / Window Size as an performance indicator
  • Window Update, Window Probe
  • TCP Keep Alive
  • Packet Loss, Retransmissions & TCP Slow Start
  • Selective Acknowledgements
  • Nagle Algorithm
  • UDP Overview

  • DNS
  • DNS vs. WINS
  • Domain Tree & Root Servers
  • DNS Protocol
  • Recursive Lookup
  • Authoritative Answers & Cached Responses
  • DNS Lookup Types
  • DNS Compression
  • Zone Transfers
  • DNS Error messages
  • Filtering on DNS queries with Wireshark

  • FTP
  • Command and Transfer channel
  • Active vs. Passive FTP
  • Commands & Transfer modes
  • Authentication & Error codes
  • Problems running FTP

  • HTTP
  • HTTP Protocol versions
  • Persistent vs. Nonpersistant sessions
  • HTTP request methods
  • GET & POST commands
  • HTTP Response codes
  • Stateless operation
  • Parameter transmission: Querystring, StdIO, Cookies


NMap Expert Training

Nmap (Network Mapper) is a security scanner originally written by Gordon Lyon (also known by his pseudonym Fyodor Vaskovich) used to discover Host and services on a computer network, thus creating a "map" of the network. To accomplish its goal, Nmap sends specially crafted packets to the target host and then analyzes the responses.

Unlike many simple port scanners that just send packets at a predefined constant rate, Nmap accounts for the network conditions (latency fluctuations, network congestion, the target's interference with the scan) during the run. Also, owing to the large and active user community providing feedback and contributing to its features, Nmap has been able to extend its discovery capabilities beyond simply figuring out whether a host is up or down and which ports are open and closed; it can determine the operating system of the target, names and versions of the listening services, estimated uptime, type of device, and presence of a firewall.

Nmap runs on Linux, Microsoft Windows, Solaris, HP-UX and BSD variants (including Mac OS X), and also on AmigaOS and SGI IRIX. Linux is the most popular Nmap platform with Windows following it closely.

Training we offer:

Course Name  Wiresharka & Nmap Expert 
Course Duration  3 weeks 
Course Mode  Training Academy or On-site Training for Corporates & Colleges
Prerequisite  MCITP, CCNA, RHCE @ ARIZONA 

Nmap Expert Training Syllabus

  • Getting Started with Nmap
  • Nmap Basics
  • Scans for Every Occasion
  • Back Pocket Scans
  • Useful Scanning Options
  • Nmap Pings - The Search for Hosts
  • Recon Scanning
  • Ninja Scanning
  • Output Options
  • Windows and Nmap
  • Real-World Nmap Scanning

Back to top

ARIZONA Infotech © Copyright 2020 . All Rights Reserved