Wireshark can be intimidating. I remember how it felt when I first started looking at a trace file with Wireshark. Questions started flooding into my mind:
What should I look for? Where do I start? How can I find the packets that matter? What filters should I use? What is "normal" and what can I ignore in all this data?
I froze under the weight of all the detail in the packets.
If you have ever felt that way when looking at a pcap, this is the course for you!
Throughout this course, we are going to look at real-world examples of how to practically use Wireshark to solve network problems and isolate cybersecurity incidents. This skill will help all IT engineers to improve in their analysis and troubleshooting skills. Assignments have been designed with participation in mind. Download the trace file, try your hand at the questions that go along with it, and see if you can solve the network puzzle in the packets.
While learning the art of packet analysis, we will also explore the Wireshark interface, configure custom columns, filters, and coloring rules, learning how to customize the layout so we can spot problems fast. This course will give you comfort with the Wireshark interface and the experience you need to understand core protocols.
My name is Chris Greer and I am a Wireshark University instructor, as well as a packet analysis consultant for companies all over the globe. Like you, I started out looking at packet traces, hoping to find the right ones to solve complex issues on the network. I this course, I bring real-world examples to every lecture, exercise, and course assignment. My goal is for you to get comfortable with the Wireshark interface, learn to interpret the packets, and find actionable data that will help you to resolve problems or spot security incidents faster.
Ready Packet People? Let's dig!