Advanced Network Troubleshooting Using Wireshark Training
Command-Line Tools and How to Use Them
TShark and Dumpcap Command-Line Tools
Capinfos Command-Line Tool
Editcap Command-Line Tool
Mergecap Command-Line Tool
Text2pcap Command-Line Tool
Split and Merge Trace Files
Advanced Usage of Capture and Display Filters
Writing advanced capture filter scripts
Writing Advanced Display filters
Using triggered filters
The Expert System: Advanced Usage
Dealing with congestion - shattered windows and flooding
Baseline network communications
Unusual network communications
Vulnerabilities in the TCP/IP resolution process
Lab exercises and case studies
Who is talking?
Port Scans
Mutant Scans
IP Scans
Application Mapping
OS Fingerprinting
Lab exercises and case studies
VoIP Analysis
SIP analysis and troubleshooting
RTP, RTCP and media analysis
Creating VoIP filters and analysis profiles
Lab exercises and case studies
Applications Analysis and Troubleshooting
HTTP analysis and troubleshooting
FTP analysis and troubleshooting
DNS operation and troubleshooting
Video transmission analysis
Databases network-related problems
Network Security and Forensics Basics
Gather information – what to look for
Unusual traffic patterns
Complementary tools
Detecting Suspicious Security Patterns
MAC and IP address spoofing
Attack signatures and signature locations
ARP poisoning
Header and sequencing signatures
Attacks and exploits
TCP splicing and unusual traffic
DoS and DDoS Attacks
Protocol scans
Maliciously malformed packets
Lab exercises and case studies