2 Day Hands-on Training on Wireshark - Bangalore

Forenoon Session - 1 (9.00 am to 10.45 am)
Day 1: Introduction to Network Forensics and need for Protocol Analysis, Installation and setting up lab, Understanding the Analyzer, TCP/IP Resolution Process (Lab exercise)
Day 2: IPv4 packet structure, Network Layer Packet parameters, Filtering IPv4 packets, Time display formats (Lab exercise)

Mid Morning Break (10.45 am to 11 am)

Forenoon Session - 2 (11 am to 12.30 pm)
Day 1: Packet Capturing methods, Capture Filters and Display filters, Filtering traffic using Display Filters, Building filters based on packet parameters, Saving and Opening of pcap files, Analyzing ARP packet structure, Understanding Gratuitous ARP, Filtering ARP Traffic (Lab exercise)
Day 2: DNS Overview, Analysing DNS Traffic, DNS Question and Answer Sections, DNS Query and Responses, The Opcode values (Lab exercise), Analysing UDP packet structure, Filtering UDP traffic, Abnormal UDP traffic (Lab exercise)

Lunch Break (12.30 pm to 1.30)

Afternoon Session - 1 (1.30 to 3 pm)
Day 1: Colouring Techniques, Building colouring rules, Identifying colouring source, Marking packets of interest, Navigation techniques, Analyzing ICMP Traffic, Type numbers and Code numbers, The ICMP Packet structure (Lab exercise)
Day 2: Analysing TCP protocol, TCP/IP 3 way handshake, TCP packet structure, Analysis of TCP Flags, The TCP Sequencing and acknowledgement process (Lab exercise), TCP Retransmissions, TCP Segmentation and Reassembly, Filtering TCP packets on various parameters, Follow TCP streams and Reassembling data, Understanding packet size, Port numbers, Tear down process of handshake (Lab exercise)

Afternoon Break (3 to 3.15 pm)

Afternoon Session - 2 (3.15 to 5 pm)
Day 1: Filtering ICMP packets, ICMP unusual Traffic, TTL Expired in Transit, Tracing the route (Tracert) process (Lab exercise), DHCP overview, Capture and Analysis of DHCP packet structure, Understanding DORA process, DHCP Unusual packets (Lab exercise)
Day 2: FTP packet structure, The Control connection and Data connection, Filtering FTP Traffic, Follow TCP streams on FTP, Detecting login attempts (Lab exercise), Analysing HTTP packet structure, Filtering HTTP packets