Overview
The Troubleshooting TCP IP Network Wireshark Fundamentals course focuses on training IT professionals to identify, diagnose, and resolve problems in TCP/IP networks using the powerful packet analysis tool Wireshark. Participants will learn fundamental network protocol concepts, traffic analysis, and practical troubleshooting techniques in real environments.
Course Content
Module 1: Introduction to Wireshark Resources and Analysis
- Tour of Wireshark Capabilities and Functions
- Wireshark Capture Elements
- Frames vs. Packets vs. Segments
- Follow a Packet Through a Network
- Analyze a Trace File Using the Packet List Pane
Module 2: Customize Wireshark Views and Settings
- Create Custom Profiles
- Add, Edit, Export Columns
- Force Dissectors on Traffic that Uses Non-Standard Ports
- Set Key Wireshark Preferences (IMPORTANT)
- Locate Key Configuration Files
- Share and Import Profiles
- Configure Time Column to Spot Path and Server Latency Problems
Module 3: Determine the Best Capture Method and Apply Capture Filters
- Identify the Best Capture Location
- Capture on an Ethernet Network
- Capture on a Wireless Network
- Deal with Tons of Traffic (File Sets)
- Use Special Capture Techniques to Spot Sporadic Problems (Ring Buffer)
- Reduce the Amount of Traffic with Which You Have to Work
- Capture Traffic Based on Addresses (MAC/IP)
- Capture Traffic for a Specific Application
- Capture Specific ICMP Traffic
Module 4: Apply Display Filters to Focus on Specific Traffic
- Display Filter Methods and Syntax
- Edit and Use the Default Display Filters
- Filter Properly on HTTP Traffic
- Apply Display Filters Based on an IP Address, Range of Addresses or a Subnet
- Quickly Filter on a Field in a Packet
- Build Display Filter Buttons
- Filter to Detect Application Errors
- Filter on One or More Conversations (Streams)
- Expand Display Filters with Include and Exclude Conditions
- Use Parentheses to Change Filter Meaning
- Determine Why Your Display Filter Area is Yellow
- Use a Basic Regular Expression Filter to Locate a Set of Key Words in a Trace File
- Use Filters to Spot Communication Delays
- Import Display Filters into a Profile
Module 5: Color and Export Interesting Packets
- Identify and Edit Applied Coloring Rules
- Build a Coloring Rule to Highlight Delays
- Master the Intelligent Scrollbar
- Export Packets of Interest
- Export Packet Details (Excel Analysis)
Module 6: Build and Interpret Tables and Graphs
- Locate the Top Talkers
- Set Up GeoIP to Map Targets Globally
- List Applications Seen on the Network
- Detect Suspicious Protocols and Applications
- Graph Application and Host Bandwidth Usage
- Identify TCP Errors on the Network
- Understand What those Expert Errors Mean
- Identify an Overloaded Client
Module 7: Reassemble Traffic for Faster Analysis
- Reassemble Web Browsing Sessions
- Reassemble a File Transferred via FTP
- Extract a File from an FTP File Transfer
- Export HTTP Objects Transferred in a Web Browsing Session
Module 8: Add Comments to Your Trace Files and Packets
- Add Your Comments to Trace Files
- Add Your Comments to Individual Packets
- Export Packet Comments for a Report
Module 9: Use Command-Line Tools to Capture, Split, and Merge Traffic
- Split a Large Trace File into a File Set
- Merge Multiple Trace Files
- Capture Traffic at Command Line with Filters and an Autostop Condition
- Use Tshark to Extract HTTP GET Requests