Wireshark: Network Troubleshooting

Learn how to analyze network problems with Wireshark, a free, open-source packet analysis tool that helps identify congestion issues, suspicious activity, and network intrusions.

Introduction

• Analyze network problems
• What you need to know

Traffic Capture and Analysis

• Getting the most out of Wireshark
• Navigating the Wireshark interface
• Investigating the Edit Menu choice
• Exploring the View Menu choice
• Getting ready to capture
• Examining a capture
• Challenge: Examining evidence of congestion
• Response: Examining evidence of congestion

Using Time as a Metric

• Displaying time
• Viewing Details and Expert Info
• Graphing the TCP Streams
• Challenge: Using time to view gaps in transmission
• Response: Using time to view gaps in transmission

Wireshark Tools

• Viewing conversations and endpoints
• Creating a flow graph
• Plotting an IO graph
• Challenge: Using a Flow Graph
• Response: Using a Flow Graph

Recognizing Abnormal or Malicious Traffic

• Troubleshooting the Network
• Spotting an ARP Storm
• Identifying bursty traffic
• Protecting from packet sniffing
• Examining Macof attacks
• Challenge: Identify a scanning signature
• Solution: Identify a scanning signature

Conclusion

• What's next?