TCP/IP Analysis and Troubleshooting with Wireshark

Price: € 3.950.- (excl. VAT/BTW/MwSt/TVA)
Category: Wireshark training
Format: Classroom, Virtual / In-house
Amsterdam / Hoofddorp / The Netherlands
6 Oct - 10 Oct 2025
09:00-16:00
duration: 5 days
6-16 class size
English

Effective Network TCP/IP Analysis and Optimization encompasses not only the skill of capturing data, but also the ability to discern the key patterns hidden within the flood of network traffic. This course will provide the student with a set of investigative and analysis techniques focusing on the use of vendor-neutral, Open-Source Tools such as Wireshark to provide insight into the following areas:

– Specialized software configuration and packet capture techniques using Wireshark 3.0

– Behavior, analysis and threat recognition for a number of the standard user version 4 protocols including IP, DHCP, TCP, UDP, DNS, ICMP, ARP and common Internet based User Protocols such as HTTP / HTTP 2.0 / NNTP

– Specialized filtering and Analysis techniques including data traffic reconstruction and viewing

Real-World examples will be utilized throughout the course in conjunction with numerous hands-on exercises to provide field proven, practical analysis skills. Attendees will receive a student guide including numerous reference files and networking and forensics tools, as well as a library of reference documents.

Designed for Networking, Government and Security personnel who need to develop packet investigation and network optimization skills, this course encompasses key Wireshark skills such as customized software configuration, packet capture and analysis techniques.

Key areas of study include: Protocol behavior, analysis and threat recognition for a number of the critical user protocols including IPv4, DHCPv4, TCP, UDP, DNS, ICMPv4, as well as common Internet based User Protocols such as HTTP. Specific emphasis on specialized, Real-World analysis techniques including data traffic reconstruction.

Successful completion of this course will provide these individuals with a pathway into the fields of Network and Forensics Analysis.

1. Introduction to Network Analysis

Network analysis challenges – Nomenclature and Terminology for Wireshark 4.x

 

2. Collecting the Data

 

Configuring Wireshark

Building and optimizing configuration Profiles for data capture

Importing and Exporting Profiles

Using capture filters to capture specific suspect traffic

Fine-Tuning Wireshark 4.x – Advanced Wireshark Profile Optimization

Remote Capture Using Wireshark 4.x

 

Location – How Network Infrastructure Devices Affect Ethernet Network Analysis

Hubs, Switches, Bridges, Routers, Firewalls and CSU / DSU

 

3. Analyzing the Data – A Sample Network Analysis Methodology

 

Effectively Navigating Wireshark 4.x and Interpreting Color Rules

6 Steps for practical Network Analysis of suspicious traffic

Answering the key questions – A Sample Network Analysis Methodology

Understanding and Using Shortcuts

Constructing, Using and Interpreting Color Rules in Wireshark

 

My Network is Slow! – Using Wireshark to Effectively Troubleshoot Latency Issues

The Importance of Effectively Using Time Values in Troubleshooting

How Location Affects Time Values

Default vs. Specialized Time Values

Cumulative Time Value

Delta Time Value

Conversational Time Values

 

Expert Analysis – Introduction to Statistical Analysis and Graphing

Wireshark 4.x Updated Expert Systems

Analyzing Conversations and Activities Using Expert Systems to Determine Unusual Activity

The 6 Key Statistical Displays to Master

What’s Normal vs. Abnormal – The Role of Baseline Files

Building a Baseline Library – Where Do I go to Find Samples?

Statistical Displays vs. Graphing

Types of Graphs 

I/O vs. Flow vs. TCP graphs

 

Show me the Money! – Display Filters and Regular Expressions

Using Wireshark 4.x Standard Display Filtering

Creating and Using Filter Buttons

Advanced Display Filters

Extending the Power of Wireshark 3.0 – Regular Expressions

 

4. Analysis of Network Applications and User Traffic 

 

The Networking Protocols

What’s Normal vs. Abnormal – The Role of Baseline Files

Building a Baseline Library – Where Do I go to Find Samples?

 

The Key Networking Protocols and Functions

Configuration Protocols – DHCPv4

Structure and Analysis of DHCPv4

 

Resolving Addresses – DNS / DNSSec

Structure and Analysis of DNS

Fixing the Problem – DNSSec structure and Analysis

 

The Network Layer – IPv4

Structure and Analysis of IPv4

IP Options – What’s the Big Deal?

 

Utility and Troubleshooting Protocols – Address Resolution Protocol (ARP) and Internet Control Message Protocol (ICMPv4)

Structure and Analysis of ARP

Structure and Analysis of ICMPv4

Network Analysis Using the ICMP Analysis – Types and Codes

 

The Transport Layer – Moving the Data – TCP / UDP

Structure and Analysis of TCP

TCP Options – What’s the Big Deal?

TCP Analysis Using Expert Systems

Structure and Advanced Analysis of UDP

 

The Application Layer – Analyzing Common User Protocols

Web-Based Applications Using HTTP / HTTP 2.0

Structure and Analysis of HTTP

Response Codes – The answer to analyzing HTTP

Reassembling and Exporting of HTTP Objects

New and Improved – HTTP 2.0 – Structure and Analysis of HTTP 2.0

 

The Forgotten Part of the Internet – Usenet and NNTP

Structure and Analysis of NNTP

Response Codes – The answer to analyzing NNTP

Reassembling and Exporting of NNTP Objects

 

Securing the Data – SSL / TLS

Secure Socket Layer

Structure and Analysis of SSL

Response Codes – The answer to analyzing SSL

Decrypting and Reassembling of SSL Objects

Transport Layer Security

Structure and Analysis of TLS

 

5. Recap – Effective Troubleshooting Techniques 

Student quotes

"It's sure the most interesting course that I have followed"

- Karin van der Plas

Course: TCP/IP Analysis and Troubleshooting with Wireshark

"It was a very very very interesting course, and done by the top guy"

- Matthew Steenwijk

Course: VoIP Network Analysis

"It was a real pleasure to receive the Wireshark training from a very dedicated trainer"

- Wim de Vries

Course: Voice & Video over IP Network Analysis Using Wireshark

"I thought I already knew Wireshark. I was wrong, very wrong"

- Jeroen Valkonet

Course: TCP/IP Analysis and Troubleshooting with Wireshark

"This course is a must have for everyone in IT"

- Johan den Besten

Course: TCP/IP Analysis and Troubleshooting with Wireshark

"Great for network analyses or forensic investigations"

- Sven Schneider

Course: Masterclass – Advanced Network & Intro to Security Analysis

"By far the very best course I ever took"

- Joachim van Doeselaar

Course: TCP/IP Analysis and Troubleshooting with Wireshark

"If there’s a packet, it can be WireSharked!!"

- Elena Petrova

Course: WiFi & Wireless Network Analysis Using Wireshark

"Extremely satisfied with the training. Very helpful instructor and great teaching methods"

- Lars Mikkelsen

Course: Masterclass – Advanced Network & Intro to Security Analysis


Sign up and register for TCP/IP Analysis and Troubleshooting with Wireshark

A course only takes place if there is sufficient participation.