Wireshark Crash Course

Wireshark is the most widely used network capture and protocol analyzer on the market. It is used by IT and Network administrators to troubleshoot network connectivity issues and by Network Security analysts to dissect network attacks. This free and open source application is so widely used in the industry because it works. It is cross-platform, meaning that it runs on Windows, Mac, Linux, and FreeBSD.

This course is an introduction to the application and goes over the basics to get you started capturing and analyzing network traffic. It will build your base by explaining the theory behind how networks work and then get you into real-world applications of the software.

In this course you will learn:

• The basics of how networks operate
• How to capture traffic on Wireshark
• How to use display and capture filters
• How to use command line Wireshark to work with large packet captures

• Instructor Introduction
• What is Wireshark
• The OSI Model
• Install Wireshark on Windows
• Install Wireshark on Mac
• Install Wireshark on Linux
• Where to Place Wireshark
• Your First Capture
• Capture Filters
• Working with the Wireshark Interface
• Display Filters
• Follow Network Conversations
• Exporting Objects
• Carve Packet Streams
• Tshark field extraction
• Find Malicious IPs
• TCPDUMP Introduction
• First TCPDUMP Capture
• TCPDUMP Filters
• TCPDUMP for Carving