The Course Name: ANSAW â Advanced Network/Security Analysis with WireShark
The Duration: 5 Days
The Overview:
The purpose of this course is to teach participants how to make advanced level Network & Security Analysis with using WireShark solutions.
What You Will Learn:
- How to use advanced Network Analysis methodologies
- How to use open-Source Network Analysis Tools
- How to troubleshoot network issues
- Security threat recognition
The Course Index:
1. Advanced Network Analysis methodologies
- The expert system window and how to use it for network troubleshooting
- Error events
- Warning events
- Note events
2. Open-Source Network Analysis Tools
- Tcpdump
- Windump
- Tshark
- Capinfos
- Rawshark
- Editcap
- Mergecap
- Text2Pcap
- Reordercap
3. Troubleshooting network issues
- Troubleshooting slow Internet and network latencies
- Troubleshooting bottleneck issues
- Discovering broadcast and error storms
- Analyzing spanning tree problems
- Analyzing VLAN tagging issues
- ICMP(v4/v6) troubleshooting
- Analyzing IP fragmentation failures
- Troubleshooting application-based issues
- Â Troubleshooting DNS performance
- Analyzing DNSSEC
- Analyzing problems in the NetBIOS/SMB protocols
- Analyzing POP, IMAP, and SMTP problems
- Analyzing FTP problems
- Analyzing HTTP problems
- Wireshark functions for analyzing HTTPS traffic
- Wireshark features for RTP stream analysis and filtering
- Wireshark feature for VoIP call replay.
- Wireless radio issues, analysis, and troubleshooting
- Zero wireless connectivity
- Poor or intermittent wireless connectivity
- Security threat recognition
- Methodology of attack
- Common network attacks
- Spoofing
- DoS and DDoS
- Botnet
- Discovering unusual traffic patterns
- Discovering MAC-based attacks
- ARP attacks and mitigations
- ARP poisoning and man-in-the-middle attacks
- Gratuitous ARP
- ARP sweep-based DoS attacks
- Analyzing half-open scan
- ICMP attacks and mitigations
- Ping sweep attack
- Discovering ICMP scans
- ICMP flood attack
- ICMP smurf attack
- IP TTL failures and attacks
- Discovering DoS and DDoS attacks
- Discovering smart TCP attacks
- Analyzing brute force attacks
- Case study 1. Remote access
- Case Study 2. Image
- Case Study 3. VoIP