In this course, we will walk through the basics of Wireshark. Because Wireshark only captures what it sees on the network, we will also describe common protocols, and examine their operation using Wireshark captures.
Wireshark is an amazing utility designed to give network engineers the ability to see into network communications in real time. Since it is a community-supported application, it is free to users! In this series, we will walk through all of the basics you need to get yourself familiar with what Wireshark is doing, as well as how you can use Wireshark to examine the operation of network protocols. First, we will examine what Wireshark is doing during a packet capture, and then we will move into some of the options available to capture traffic, including capturing traffic on more than one interface, as well as using the command line interface on systems to capture traffic. Next, since Wireshark parses out the headers of each piece of data it captures, you're able to examine the header at each layer of communication. In this series, we will take a look at ARP, ICMP(used for Ping), TCP, HTTP, DNS, Telnet, and SSH.