Analyzing Network Traffic with Wireshark

Authors: Ross Bagurdes, Christopher Greer

This path focuses on the skills and knowledge required to analyze network traffic using Wireshark. You’ll begin with the basics of network packet analysis before delving into...

What You Will Learn

  • Wireshark basic functionality
  • Using advanced Wireshark features
  • Visualizing network traffic with Wireshark
  • Using Wireshark on the command line
  • Analyzing network protocols with Wireshark
  • Troubleshooting slow networks with Wireshark

Pre-requisites

  • Networking basics, or having watched the Pluralsight Networking Fundamentals path

Getting Started with Analyzing Network Traffic Using Wireshark

by Ross Bagurdes

Oct 29, 2018 / 3h 18m

Description

In this course, Getting Started with Analyzing Network Traffic Using Wireshark, you will learn that Wireshark is a powerful and free utility used by network engineers, system administrators, and developers alike. First, you will get started with packet capture operation. Then, you will get a primer on the Wireshark interface and learn how to interpret the data collected. Finally, you will discover how to use capture filters and display filters to isolate needed traffic, learn the basics of TCP operation, and examine the protocol used when downloading a simple HTTP website. This is an excellent course for someone who is knowledgeable about network operation but would like to dive deeper into protocol analysis.

Table of contents
  1. Course Overview
  2. Examining the OSI Model, Protocols, and Headers
  3. Getting Started with Wireshark
  4. Capturing Traffic
  5. Examining Encapsulation and the Wireshark Dissector
  6. Using Display Filters
  7. Getting Started with TCP Analysis

Analyzing Network Protocols with Wireshark

by Christopher Greer

Dec 20, 2019 / 2h 8m

Description

There are billions of packets flying through the network every minute. Which ones matter? Which ones hold the keys to troubleshooting network and application problems? In this course, Analyzing Network Protocols with Wireshark, you’ll gain the ability to capture, interpret, and dissect network problems at the packet level. First, you’ll explore core protocols and services, such as ARP, IPv4, and DHCP. Next, you’ll discover how the UDP and DNS protocols work. Finally, you’ll learn to analyze HTTPS and TLS-based application traffic. When you’re finished with this course, you’ll have the skills and knowledge of packet analysis with Wireshark needed to isolate and resolve network problems.

Table of contents
  1. Course Overview
  2. Why Are Core Network Protocols so Important to Understand?
  3. Using Wireshark to Analyze ARP
  4. Using Wireshark to Analyze IPv4, IPv6, and ICMP
  5. Using Wireshark to Analyze Core Services – UDP, DHCP, and DNS
  6. Using Wireshark to Analyze Core Applications - FTP, HTTPS, and SSL

Foundational TCP Analysis with Wireshark

by Christopher Greer

Mar 11, 2020 / 2h 8m

Description

"The network is slow!" "The application is broken!" "We are being hacked!" Sound familiar? In this course, Foundational TCP Analysis with Wireshark, you will gain the ability to troubleshoot and resolve network problems by harnessing the power of TCP. First, you will learn how TCP connections are established and maintained. Next, you will discover how data is retransmitted during data loss. Finally, you will explore how to quickly find, interpret, and resolve TCP problems using the Wireshark protocol analyzer. When you are finished with this course, you will have the skills and knowledge of the TCP protocol and Wireshark needed to hunt down network problems and resolve them for good.

Table of contents
  1. Course Overview
  2. What Is TCP?
  3. Mastering the TCP Handshake
  4. Understanding Sequence and Acknowledgement Numbers
  5. Interpreting the TCP Receive Window
  6. Analyzing Retransmissions and Duplicate Acks

Troubleshooting Slow Networks with Wireshark

by Christopher Greer

Jun 5, 2019 / 3h 2m

Description

It's easy for network admins to become bogged down in slow networks. In this course, Troubleshooting Slow Networks with Wireshark, you will learn to capture and interpret network packet data to solve performance problems. First, you will learn how and where to properly capture packets with Wireshark. Next, you will discover how to measure network and application response time. Finally, you will explore how to use built-in features in Wireshark designed to quickly spotlight performance problems. When you’re finished with this course, you will have the skills and knowledge with Wireshark needed to resolve these network problems for good.

Table of contents
  1. Course Overview
  2. Collecting The Right Data: Where and How?
  3. Analyzing End User and Application Behavior
  4. Measuring Network and Application Response Time
  5. Identifying Common Causes of Slow Networks
  6. Features in Wireshark for Resolving Slowness

Wireshark Traffic Analysis: Customizing the Interface, ARP, ICMP, and DNS

by Ross Bagurdes

Dec 27, 2018 / 3h 18m

Description

Network engineers can quickly become frustrated with unusual network performance issues. While most engineers are familiar with ARP and know how to clear a cache on a device, and they use ping regularly to troubleshoot networks, understanding both ARP and ICMP operation at the packet level will bring a new way to quickly solve network issues. In this course, Wireshark Traffic Analysis: Customizing the Interface, ARP, ICMP, and DNS, you will gain the ability to use Wireshark captures to detect and understand network issues causing performance problems. First, you will see how to customize the Wireshark interface, creating profiles for unique troubleshooting situations. Next, you will discover ARP operation, what it means, and how to use it to identify specific behaviors of network traffic. Finally, you will explore how to analyze ICMP types and codes in Wireshark, so you can use it to troubleshoot networks in a new way. When you are finished with this course, you will have the skills and knowledge of Wireshark protocol analysis needed to analyze and troubleshoot ARP, ICMP, and DNS traffic on your network.

Table of contents
  1. Course Overview
  2. Customizing the Wireshark Interface
  3. Troubleshooting Layer 2 Issues with ARP
  4. Introducing ICMP to Troubleshoot Networks
  5. Troubleshooting Using ICMP Error Messages
  6. Examining and Troubleshooting DNS