Network Protocol Analysis Using Wireshark Part-1

You will effectively be able to use Wireshark and troubleshoot networks with a understanding on how protocols work !

What you'll learn:

• Learn Network Protocols
• Wireshark
• Understand TCP/IP Communications
• Traffic Analysis
• The Network Packet Analysis (NPA) course starts with the fundamental networking basic concepts, networking methodologies. This course will drive you into necessary software tools to analyze network data packet traffic for the purpose of intrusion and threat detection, network defense and primarily to identify offensive operations by attackers. NPA is an outstanding industry standard training program for participant who are interested in analyzing traffic to learn how a program or application works using network, or determining if a networked device is infected with malware or intruders. If you perform incident response or are involved with investigations, this course will help you take your skills to the next level. Wireshark will be used as the primary analysis tool.

What is network protocol ?

A network protocol is an established set of rules that determine how data is transmitted between different devices in the same network. Essentially, it allows connected devices to communicate with each other, regardless of any differences in their internal processes, structure, or design.

What is wireshark ?

Wireshark is a GUI network protocol analyzer. It lets you interactively browse packet data from a live network or from a previously saved capture file. Wireshark's native capture file format is pcapng format, or pcap which is also the format used by tcpdump and various other tools.

Wireshark can also be used to intercept and analyze encrypted TLS traffic. Symmetric session keys are stored in the browser, and with the appropriate browser setting (and permission and knowledge of the user) an administrator can load those session keys into Wireshark and examine unencrypted web traffic. Wireshark comes with graphical tools to visualize the statistics. This makes it easy to spot general trends, and to present findings to less-technical management. This is a practical course, so you will explore more.

What will you learn ?

In this course, you will first be introduced to the Wireshark tool. Once you get to know the different features and navigation in Wireshark, we will get into the Analysis of Protocol Structure, where the following protocols would be explained in detail,

• ARP

• ICMP

• IP

• UDP

• TCP

• DHCP

• DNS

• HTTP

• FTP