Visão Geral

Curso Troubleshooting TCP IP Network Wireshark Fundamentals O curso focado em capacitar profissionais de TI a identificar, diagnosticar e resolver problemas em redes TCP/IP utilizando a poderosa ferramenta de análise de pacotes Wireshark. Os participantes aprenderão conceitos fundamentais de protocolos de rede, análise de tráfego e técnicas práticas de troubleshooting em ambientes reais.

Objetivo

Após realizar este Curso Troubleshooting TCP IP Network Wireshark Fundamentals você será capaz de:

• Crie um perfil Wireshark personalizado para solução de problemas
• Adicionar, editar e exportar valores de colunas personalizados
• Alterar as principais configurações de preferência do Wireshark
• Compare métodos e opções de captura
• Executar uma captura autônoma
• Aplique filtros de captura para focar no tráfego de interesse
• Aplique filtros de exibição com base em endereços, protocolos e valores de campo
• Crie botões para acelerar a detecção de problemas
• Crie filtros de exclusão para remover pacotes da visualização
• Crie e use filtros de expressão regular
• Determinar os hosts e conversas mais ativos
• Identificar os aplicativos usados ​​na rede
• Mapear endereços IP globalmente
• Remontar o tráfego e os objetos
• Exportar objetos remontados
• Anotar um arquivo de rastreamento
• Crie um relatório a partir de anotações e comentários do arquivo de rastreamento
• Dividir e mesclar arquivos de rastreamento
• Executar captura de linha de comando
• Captura usando filtros e uma condição de parada automática
• Use o Tshark para extrair valores de campo de um arquivo de rastreamento

Publico Alvo

• Administradores de rede e sistemas
• Analistas de suporte técnico e infraestrutura
• Engenheiros de redes e segurança
• Profissionais de TI que desejam entender o comportamento do tráfego TCP/IP
• Estudantes e recém-formados em cursos de tecnologia

Pre-Requisitos

• Conhecimentos básicos de redes TCP/IP (endereçamento, sub-redes, protocolos)
• Noções de sistema operacional (Windows/Linux)
• Desejável: experiência prática em ambiente de rede

Materiais

Conteúdo Programatico

Module 1: Introduction to Wireshark Resources and Analysis

1. Tour of Wireshark Capabilities and Functions Tour
2. Wireshark Capture Elements
3. Frames vs. Packets vs. Segments
4. Follow a Packet Through a Network
5. Analyze a Trace File Using the Packet List Pane

Module 2: Customize Wireshark Views and Settings

1. Create Custom Profiles
2. Add, Edit, Export Columns
3. Force Dissectors on Traffic that Uses Non-Standard Ports
4. Set Key Wireshark Preferences (IMPORTANT)
5. Locate Key Configuration Files
6. Share and Import Profiles
7. Configure Time Column to Spot Path and Server Latency Problems

Module 3: Determine the Best Capture Method and Apply Capture Filters

1. Identify the Best Capture Location
2. Capture on an Ethernet Network
3. Capture on a Wireless Network
4. Deal with Tons of Traffic (File Sets)
5. Use Special Capture Techniques to Spot Sporadic Problems (Ring Buffer)
6. Reduce the Amount of Traffic with Which You Have to Work
7. Capture Traffic Based on Addresses (MAC/IP)
8. Capture Traffic for a Specific Application
9. Capture Specific ICMP Traffic

Module 4: Apply Display Filters to Focus on Specific Traffic

1. Display Filter Methods and Syntax
2. Edit and Use the Default Display Filters
3. Filter Properly on HTTP Traffic
4. Apply Display Filters Based on an IP Address, Range of Addresses or a Subnet
5. Quickly Filter on a Field in a Packet
6. Build Display Filter Buttons
7. Filter to Detect Application Errors
8. Filter on One or More Conversations (Streams)
9. Expand Display Filters with Include and Exclude Conditions
10. Use Parentheses to Change Filter Meaning
11. Determine Why Your Display Filter Area is Yellow
12. Use a Basic Regular Expression Filter to Locate a Set of Key Words in a Trace File
13. Use Filters to Spot Communication Delays
14. Import Display Filters into a Profile

Module 5: Color and Export Interesting Packets

1. Identify and Edit Applied Coloring Rules
2. Build a Coloring Rule to Highlight Delays
3. Master the Intelligent Scrollbar
4. Export Packets of Interest
5. Export Packet Details (Excel Analysis)

Module 6: Build and Interpret Tables and Graphs

1. Locate the Top Talkers
2. Set Up GeoIP to Map Targets Globally
3. List Applications Seen on the Network
4. Detect Suspicious Protocols and Applications
5. Graph Application and Host Bandwidth Usage
6. Identify TCP Errors on the Network
7. Understand What those Expert Errors Mean
8. Identify an Overloaded Client

Module 7: Reassemble Traffic for Faster Analysis

1. Reassemble Web Browsing Sessions
2. Reassemble a File Transferred via FTP
3. Extract a File from an FTP File Transfer
4. Export HTTP Objects Transferred in a Web Browsing Session

Module 8: Add Comments to Your Trace Files and Packets

1. Add Your Comments to Trace Files
2. Add Your Comments to Individual Packets
3. Export Packet Comments for a Report

Module 9: Use Command-Line Tools to Capture, Split, and Merge Traffic

1. Split a Large Trace File into a File Set
2. Merge Multiple Trace Files
3. Capture Traffic at Command Line with Filters and an Autostop Condition
4. Use Tshark to Extract HTTP GET Requests