CBT Nuggets Wireshark with Keith Barker


This Wireshark training with Keith Barker covers Wireshark, the world’s most popular protocol analyzer, including topics such as installing Wireshark, navigating in the GUI, customizing and using it as a troubleshooting tool, and more.

Whether you need to perform a security application analysis or troubleshoot something on a network, Wireshark is the tool for you! The popular, open-source tool is dubbed the “world’s foremost network protocol analyzer.” (It’s also free and is a cross-platform tool!) In this video training, CBT Nuggets trainer Keith Barker walks you through everything you need to know about this versatile analyzer. He teaches you how to install Wireshark, navigate it, and utilize it to best fit your needs. Topics he covers include: navigating the graphical user interface (GUI), creating profiles, filtering, customization and more. Get ready to learn Wireshark inside-out and how to use it to your benefit.

Recommended Experience
Familiarity with networking concepts and protocols
Network+ (equivalent knowledge) or greater

Recommended Equipment
Windows, Linux, or Mac OS to install Wireshark

Related Certifications
Not applicable

Related Job Functions
Network professionals of all levels
Security experts
Developers
Educators

Keith Barker has been a CBT Nuggets trainer since 2012 and holds a variety of networking and security certifications, including Cisco CCIE Routing and Switching, Cisco CCIE Security, Cisco CCDP, HP-MASE, Brocade BCNP, (ISC)2 CISSP, CompTIA’s Network+ and Security+, VMware VCP5-DCV, Palo Alto CNSE, and Check Point CCSA.



1. Getting the Most From This Course (14 min)
Keith introduces the course, along with some examples of why using a protocol analyzer (such as Wireshark) is a critical skill. Keith explains the prerequisites and techniques for getting the most from the time you spend enjoying this Wireshark Nugget course. Keith also demonstrates how to access the NuggetLab files.
2. Jumpstart with Wireshark (21 min)
Wireshark is the world's most popular (and free) protocol analyzer. In this Nugget, Keith walks you through the installation, setup, and a capture to get you started right away! The trace file created in this video is available in the NuggetLab download area.
3. Navigating in the GUI (22 min)
It's a Graphical User Interface (GUI), so how hard can it be? For someone who isn't aware of features or what the icons do, the GUI can appear unfriendly. Understanding the different areas in the GUI, and what they can do, saves hours of trial and error. Those who are new to Wireshark, as well as people who have used it before, can learn some time-saving tidbits in this Nugget.
4. Arranging Wireshark Your Way (20 min)
The default arrangement within Wireshark is a starting point, but most of us will be changing these settings to fit our needs better. In this Nugget, Keith walks you through sorting, moving, hiding, and restoring columns, as well as using the packet details area to view and manipulate the protocols captured in the trace.
5. Wireshark and GNS3 (23 min)
Using virtual environments is a great way to test and validate servers, applications, and devices before putting them on a live production network. GNS3 provides an emulated network and has excellent Wireshark integration. In this Nugget, we take a sample network and apply packet capturing to four different points in that network, in order to compare and contrast the network traffic as it crosses those points in the network. This Nugget focuses on Wireshark. For videos on GNS3 specifically, please refer to the GNS3 course right here at CBT Nuggets. Also, the four capture files used in this video are available for download from the NuggetLab area.
6. Dissectors (19 min)
Wireshark uses many groups of protocol interpreters (behind the scenes) called "dissectors." These dissectors provide the useful information that we typically see in the details area for a capture. In this Nugget, we take a look at how Wireshark knows which dissector to use to interpret a specific layer of a protocol stack, and what we can do when Wireshark doesn't know what dissector to use.
7. Profiles (19 min)
Wireshark is used for various purposes. One day we might be doing security application analysis, and the next day, troubleshooting latency on the network. The customization of the columns and fields used for each type of analysis is different, and that is where profiles can save a bunch of time. By creating profiles with the perfect settings for a given task, we can switch back and forth between profiles on the fly, and not have to manually alter the settings each time we use Wireshark. In this Nugget, Keith walks you through creating a custom profile, and changing some of the defaults regarding the new profile. The capture file used in this video is available in the NuggetLab download area.
8. Looking for Latency (27 min)
By using the TCP Delta column for individual sessions, we can see how long a delay exists between the packets in a TCP stream. In this Nugget, Keith discusses where latency may exist and how to start using Wireshark to identify it. This video also demonstrates how to move settings from a custom profile from one computer to another. The files used in this video, including additional IOS router commands (that inject latency at R2), can be found in the NuggetLab files.
9. Controlling the Capture (18 min)
There are several ways to capture network traffic so that Wireshark can use it. In this Nugget, Keith explains several options including taps, SPAN, and local interfaces. Once the location of the capture has been identified, there are several important options (such as not filling up your hard disk) that need to be considered. Multiple file options, including a ring buffer, are explained and demonstrated. Supporting NuggetLab files for this video are available.
10. Capture Filters (17 min)
When there are gigabytes of data flowing across the network, and we need 24 hours' worth of capture time, there will likely be a challenge regarding disk space on the Wireshark computer (even if splitting the capture over multiple files). In this Nugget, Keith walks you through and demonstrates the use of Capture Filters in Wireshark. Capture Filters tell Wireshark to save only the traffic you specify in the capture file, while everything else is filtered out. The homework assignment for this video is available in the NuggetLab area.
11. Display Filters (22 min)
Many times, capture files can be large and contain thousands of network conversations. Using a Display Filter, we can tell Wireshark which packets to display, allowing us to focus on that specific traffic. In this Nugget, Keith demonstrates the logic, creation, and use of Display Filters. The starting profile preference file used in this video Nugget is available in the NuggetLab area, along with the capture file used in this video.
12. Adv. Display Filters (23 min)
Often, to see the exact traffic we want to see, a complex (or, at least, more detailed) Display Filter is needed. In this Nugget, Keith walks you through how to create advanced filters using the details pane of Wireshark, and the all-powerful right mouse button. The profile and capture files for this video are in the NuggetLab area.
13. Zeroing in on Conversations (14 min)
Focusing on a single conversation among the thousands that may be part of a capture file could be like looking for a needle in a haystack. Fortunately, Wireshark has some sweet tools to assist us in following conversations. In this Nugget, Keith walks you through four separate ways to focus on specific conversations within a capture file. The capture file, along with the preferences file for the profile used in this video, are available in the NuggetLab area.
14. Upgrading Wireshark (17 min)
Keith walks you through the upgrade to version 1.10. This version hosts a variety of features including auto-update, HTTP request-response time-stamps, and additional display filter functionality. The two capture files demonstrated in this video Nugget, along with the preferences file from the profile used at the beginning of the video, are available in the NuggetLab area.
15. Sorting out a Troubled Network (31 min)
What's really going on inside of the network? In this Nugget, join Keith on a journey to investigate a Wireshark capture, using your display filter skills, and identify what type of malicious traffic is on the network. The capture file, profile preferences file and "Solution for display filter.txt" are all available in the NuggetLab area.
16. Raspberry Pi Remote Monitoring (17 min)
Having a dedicated capturing device on remote switches is a luxury, and by using a Raspberry Pi for that remote monitoring, the price just went way, way down. In this Nugget, Keith demonstrates how you can use a Raspberry Pi, with support for the X Windows GUI right back to your management computer.
17. How Regular are Your Expressions? (16 min)
Wireshark's display filters support using regular expressions and wildcards that can save us lots of time when searching our packet captures. In this Nugget, Keith walks you through examples of when and how to use these, including demonstrations. The capture file, regular expression file, and the preferences file from the profile used in the video Nugget are all available in the NuggetLab area. Download them and have them ready so you can practice right along with the video.
18. Coloring Rules (23 min)
Another method to assist us in seeing and interpreting packets is to use coloring rules for various types of packets. In this Nugget, Keith walks you through how to determine why a color was used, and then how to change the defaults if desired. Exporting custom color settings for portability is also discussed and demonstrated. The profile preferences file, along with the capture file used in this video, are available in the NuggetLab area.
19. Using Temporary Colors (10 min)
Coloring rules are great, but what about temporarily assigning a color to focus on a specific conversation or session in a specific trace file? In this Nugget, Keith explains and demonstrates how to use temporary colors to focus on the packets that are of most interest to you. The profile preferences file, along with the capture file used in this video Nugget, are waiting for you in the NuggetLab area.
20. Exporting (19 min)
How do we get a portion of a capture file (as part of a new file or a report), into the hands of those who need it? One solution is to use the Export feature in Wireshark. In this Nugget, Keith walks you through the benefits and options of exporting. The preferences file from the profile used in this video Nugget, as well as the capture file, are available in the NuggetLab file area.
21. Input/Output Graphs (12 min)
Identifying the protocols, hosts, subnets, etc. that are using up the most bandwidth is easily done with IO graphs in Wireshark. In this Nugget, Keith walks you through the creation and use of these graphs. The capture file used in this video Nugget is available in the NuggetLab file area.
22. Expert Infos in Wireshark (13 min)
When Wireshark offers a "recommendation" regarding a potential problem, it can assist us in finding problems more quickly. The "Expert Infos" comments that are added can automatically alert us to errors and issues within a capture file. In this Nugget, Keith walks you through using this feature. The preferences file (from the profile used at the beginning of this video Nugget), along with the capture used, are available as part of the NuggetLab files.
23. Seeing What the User Downloaded (15 min)
Two cooks with equal skills, the same recipe, and the same ingredients, can make the same meal. Likewise, when Wireshark has all the packets involved in a session, it can often allow the recreation of the files seen or downloaded by a user. In this Nugget, Keith shows you how to see graphic files from HTTP sessions, and how to recreate and locally save an FTP file from a Wireshark capture. The profile preferences file along with the capture and other images used in this video Nugget are available in the NuggetLab file area.
24. VoIP (18 min)
One of the types of traffic we are likely to see in a capture file is Voice over IP (VoIP). In this Nugget, Keith walks you through how to look at, graph, and replay voice conversations from the captured packets using Wireshark. The profile preferences file, along with the capture file used in this video Nugget are available in the NuggetLab file area.
25. IPv6 (17 min)
Using a protocol analyzer can shed light on what is really happening with IPv6, including the ability to verify what is actually happening on the network compared to what is supposed to happen. In this Nugget, Keith walks you through setting up a test IPv6 network and then capturing and analyzing the traffic with Wireshark. Keith also covers merging of files in this video. Capture and config files used in this Nugget are in the NuggetLab file area.



The post CBT Nuggets Wireshark with Keith Barker appeared first on Free Download For All.
