Visão Geral

Curso Troubleshooting TCP IP Networks with Wireshark. Aprenda a usar o Wireshark para identificar e corrigir problemas de desempenho da sua rede TCP/IP.

Otimize redes TCP/IP com o Wireshark®. Este curso prático e aprofundado fornece as habilidades para isolar e corrigir problemas de desempenho de rede. Aprenda como o Wireshark pode resolver seus problemas de rede TCP/IP melhorando sua capacidade de analisar o tráfego de rede.

Este curso permitirá que você:

• Identifique e analise as causas mais comuns de problemas de desempenho em comunicações TCP/IP.
• Desenvolva uma compreensão completa de como usar o Wireshark de forma eficiente para identificar as principais fontes de problemas de desempenho de rede.
• Prepare-se para o mais recente exame de certificação Wireshark Certified Network Analyst (WCNA).

Este curso irá prepará-lo para passar no seu exame de certificação WCNA com treinamento ministrado por um instrutor especialista no assunto do Wireshark. Este curso também inclui guias de estudo oficiais do Wireshark e treinamento prático com laboratórios ao vivo.

Saiba antes de ir:  Por favor, traga seu próprio laptop carregado com Wireshark para sua primeira aula. Baixe o Wireshark gratuitamente em www.wireshark.org . 

Objetivo

Após realizar este Curso Troubleshooting TCP/IP Networks with Wireshark você será capaz de:

• 10 principais motivos para reclamações sobre desempenho de rede
• Posicione o analisador corretamente para captura de tráfego em uma variedade de tipos de rede
• Capturar pacotes em redes com e sem fio
• Configure o Wireshark para melhor desempenho e análise não intrusiva
• Navegue, divida e trabalhe com grandes arquivos de tráfego
• Use valores de tempo para identificar problemas de desempenho de rede
• Crie gráficos e tabelas estatísticas para identificar problemas de desempenho
• Filtrar o tráfego para solução de problemas e análise mais eficientes
• Personalize a coloração do Wireshark para focar em problemas de rede mais rapidamente
• Use o Sistema Especialista do Wireshark para entender vários problemas de tráfego
• Use o fluxograma de resolução TCP/IP para identificar possíveis falhas de comunicação
• Analisar tráfego normal/anormal do Sistema de Nomes de Domínio (DNS)
• Analisar tráfego normal/anormal do Protocolo de Resolução de Endereços (ARP)
• Analisar tráfego normal/anormal do Protocolo de Internet v4 (IPv4)
• Analisar tráfego normal/anormal do Protocolo de Mensagens de Controle da Internet (ICMP)
• Analisar tráfego normal/anormal do Protocolo de Datagrama do Usuário (UDP)
• Analisar tráfego normal/anormal do Protocolo de Controle de Transmissão (TCP)
• Analisar tráfego normal/anormal do Hypertext Transport Protocol (HTTP/HTTPS)

Publico Alvo

Qualquer pessoa interessada em aprender a solucionar problemas e otimizar redes TCP/IP e analisar tráfego de rede com o Wireshark, especialmente engenheiros de rede, especialistas em tecnologia da informação, analistas de segurança e aqueles que estão se preparando para o exame Wireshark Certified Network Analyst.

Pre-Requisitos

• Rede TCP/IP

Materiais

Conteúdo Programatico

1. Introduction to Network Analysis and Wireshark

1. TCP/IP Analysis Checklist
2. Top Causes of Performance Problems
3. Get the Latest Version of Wireshark
4. Capturing Traffic
5. Opening Trace Files
6. Processing Packets
7. The Qt Interface Overview
8. Using Linked Panes
9. The Icon Toolbar
10. Master the Intelligent Scrollbar
11. The Changing Status Bar
12. Right-Click Functionality
13. General Analyst Resources
14. Your First Task When You Leave Class

2. Learn Capture Methods and Use Capture Filters

1. Analyze Switched Networks
2. Walk-Through a Sample SPAN Configuration
3. Analyze Full-Duplex Links with a Network TAP
4. Analyze Wireless Networks
5. USB Capture
6. Initial Analyzing Placement
7. Remote Capture Techniques
8. Available Capture Interfaces
9. Save Directly to Disk
10. Capture File Configurations
11. Limit Your Capture with Capture Filters
12. Examine Key Capture Filters

3. Customize for Efficiency: Configure Your Global Preferences

1. First Step: Create a Troubleshooting Profile
2. Customize the User Interface
3. Add Custom Columns for the Packet List Pane
4. Set Your Global Capture Preferences
5. Define Name Resolution Preferences
6. Configure Individual Protocol Preferences

4. Navigate Quickly and Focus Faster with Coloring Techniques

1. Move Around Quickly: Navigation Techniques
2. Find a Packet Based on Various Characteristics
3. Build Permanent Coloring Rules
4. Identify a Coloring Source
5. Use the Intelligent Scrollbar with Custom Coloring Rules
6. Apply Temporary Coloring
7. Mark Packets of Interest

5. Spot Network and Application Issues with Time Values and Summaries

1. Examine the Delta Time (End-of-Packet to End-of-Packet)
2. Set a Time Reference
3. Compare Timestamp Values
4. Compare Timestamps of Filtered Traffic
5. Enable and Use TCP Conversation Timestamps
6. Compare TCP Conversation Timestamp Values
7. Determine the Initial Round Trip Time (iRTT)
8. Troubleshooting Example Using Time
9. Analyze Delay Types

6. Create and Interpret Basic Trace File Statistics

1. Examine Trace File Summary Information
2. View Active Protocols
3. Graph Throughput to Spot Performance Problems Quickly
4. Locate the Most Active Conversations and Endpoints
5. Other Conversation Options
6. Graph the Traffic Flows for a More Complete View
7. Burst Statistics
8. Numerous Other Statistics are Available
9. Quick Overview of VoIP Traffic Analysis
10. SIP and RTP Analysis Overview
11. SIP Call Setup
12. Analyzing Call Setup with SIP
13. Session Bandwidth and RTP Port Definition

7. Focus on Traffic Using Display Filters

1. Display Filters
2. Filter on Conversations/Endpoints
3. Build Filters Based on Packets
4. Display Filter Syntax
5. Use Comparison Operators and Advanced Filters
6. Filter on Text Strings
7. Build Filters Based on Expressions
8. Watch for Common Display Filter Mistakes
9. Share Your Display Filters

8. TCP/IP Communications and Resolutions Overview

1. TCP/IP Functionality
2. When Everything Goes Right
3. The Multi-Step Resolution Process
4. Resolution Helped Build the Packet
5. Where Faults Can Occur
6. Typical Causes of Slow Performance

9. Analyze DNS Traffic

1. DNS Overview
2. DNS Packet Structure
3. DNS Queries
4. Filter on DNS Traffic
5. Analyze Normal/Problem DNS Traffic

10. Analyze ARP Traffic

1. ARP Overview
2. ARP Packet Structure
3. Filter on ARP Traffic
4. Analyze Normal/Problem ARP Traffic

11. Analyze IPv4 Traffic

1. IPv4 Overview
2. IPv4 Packet Structure
3. Analyze Broadcast/Multicast Traffic
4. Filter on IPv4 Traffic
5. IP Protocol Preferences
6. Analyze Normal/Problem IP Traffic

12. Analyze ICMP Traffic

1. ICMP Overview
2. ICMP Packet Structure
3. Filter on ICMP Traffic
4. Analyze Normal/Problem ICMP Traffic

13. Analyze UDP Traffic

1. UDP Overview
2. Watch for Service Refusals
3. UDP Packet Structure
4. Filter on UDP Traffic
5. Follow UDP Streams to Reassemble Data
6. Analyze Normal/Problem UDP Traffic

14. Analyze TCP Protocol

1. TCP Overview
2. The TCP Connection Process
3. TCP Handshake Problem
4. Watch Service Refusals
5. TCP Packet Structure
6. The TCP Sequencing/Acknowledgment Process
7. Packet Loss Detection in Wireshark
8. Fast Recovery/Fast Retransmission Detection in Wireshark
9. Retransmission Detection in Wireshark
10. Out-of-Order Segment Detection in Wireshark
11. Selective Acknowledgement (SACK)
12. Window Scaling
13. Window Size Issue: Receive Buffer Problem
14. Window Size Issue: Unequal Window Size Beliefs
15. TCP Sliding Window Overview
16. Troubleshoot TCP Quickly with Expert Info
17. Filter on TCP Traffic and TCP Problems
18. Properly Set TCP Preferences
19. Follow TCP Streams to Reassemble Data 16. Examine Advanced Trace File Statistics
20. Build Advanced IO Graphs
21. Graph Round Trip Times
22. Graph TCP Throughput
23. Find Problems Using TCP Time-Sequence Graphs

15. Graph Traffic Characteristics

1. Advanced I/O Graphing
2. Graph Round Trip Times
3. Graph TCP Throughput
4. Find Problems Using TCP Time Sequence Graphs

16. Analyze HTTP Traffic

1. HTTP Overview
2. HTTP Packet Structure
3. Filter on HTTP Traffic
4. Reassembling HTTP Objects
5. HTTP Statistics
6. HTTP Response Time
7. Overview of HTTP/2
8. HTTP/2 Analysis Fundamentals
9. HTTP /2 Frame Format
10. Analyze Normal/Problem HTTP Traffic

17. Analyze TLS-Encrypted Traffic (HTTPS)

1. Analyze HTTPS Traffic
2. Encrypted Alerts
3. Decryption Steps
4. Filter on SSL

18. Review Your 10 Key Troubleshooting Steps

1. Baseline "NormalTraffic
2. Use Color
3. Look Who's Talking: Examine Conversations and Endpoints
4. Focus by Filtering
5. Create Basic IO Graphs
6. Examine Delta Time Values
7. Examine the Expert System
8. Follow the Streams
9. Graph Bandwidth Use, Round Trip Time, and TCP Time/Sequence Information
10. Watch Refusals and Redirections

LAB

• Lab 1: Capture Traffic to/from Your Hardware Address
• Lab 2: Create Your Troubleshooting Profile
• Lab 3: Set Basic Preferences for Your Troubleshooting Profile
• Lab 4: Find, Mark, Save, and Colorize Packets
• Lab 5: Detect and Colorize High Latency Indications
• Lab 6: Find the Top Talkers and Protocols/Applications on a Network
• Lab 7: Create and Use an IO Graph to Spot Performance Issues
• Lab 8: Locate a Text String in a Trace File
• Lab 9: Create a Coloring Rule to Detect DNS Error Responses and Suspicious DNS Responses
• Lab 10: Analyze a Network Problem Indicated by ARP
• Lab 11: Filter on a Range of IPv4 Addresses
• Lab 12: Detect Suspicious Traffic with a New ICMP Coloring Rule
• Lab 13: Analyze UDP-Based Multicast Streams and Queuing Delays
• Lab 14: Use an IO Graph to Locate TCP Performance Issues
• Lab 15: Determine Who is at Fault and Work with Multiple Trace Files
• Lab 16: Determine the Cause of Slow File Downloads
• Lab 17: Use TCP Graphs to Detect the Cause of Performance Problems
• Lab 18: Create a Filter Expression Button to Detect HTTP Error Responses
• Lab 19: Export an HTTP Object
• Lab 20: Decrypt HTTPS Communications