Wireshark: Network Troubleshooting

Learn how to analyze network problems with Wireshark, a free, open-source packet analysis tool that helps identify congestion issues, suspicious activity, and network intrusions.

Introduction

• Analyze network problems
• What you need to know

1. Traffic Capture and Analysis

• Getting the most out of Wireshark
• Navigating the Wireshark interface
• Investigating the Edit menu choice
• Exploring the View menu choice
• Getting ready to capture
• Examining a capture
• Challenge: Examining evidence of congestion
• Solution: Examining evidence of congestion

2. Using Time as a Metric

• Displaying time
• Viewing details and expert information
• Graphing the TCP streams
• Challenge: Using time to view gaps in transmission
• Solution: Using time to view gaps in transmission

3. Wireshark Tools

• Viewing conversations and endpoints
• Creating a flow graph
• Plot an I/O graph
• Challenge: Using a flow graph
• Solution: Using a flow graph

4. Recognizing Abnormal or Malicious Traffic

• Troubleshooting the network
• Spotting an ARP storm
• Identifying bursty traffic
• Protecting from packet sniffing
• Examining macof attacks
• Challenge: Viewing unencrypted traffic
• Solution: Viewing unencrypted traffic

Conclusion

• What's next?