Introduction to Wireshark for TCP/IP Networking
Location: On-Site or Online
Pricing: $1,250 per seat (6-seat minimum)
Length: 3 Days
Course Summary
Introduction to Wireshark for TCP/IP Networking is a practical, hands-on course designed to teach students how to analyze, understand, and troubleshoot TCP/IP networks using Wireshark.
Students learn how network traffic actually behaves on the wire, far beyond diagrams and theory. The course focuses on packet capture techniques, protocol dissection, TCP/IP fundamentals, and real-world troubleshooting scenarios involving latency, packet loss, retransmissions, and misconfigurations.
By the end of the course, students are comfortable capturing traffic, filtering packets, interpreting protocol behavior, and using Wireshark as a core diagnostic tool for networking, security, and application support.
Course Outline
Day 1 - Networking Foundations and Wireshark Basics
Lecture: Why packet analysis matters
Lecture: Review of TCP/IP model and protocol layering
Lecture: Frames, packets, segments, and encapsulation
Lecture: Where Wireshark fits in troubleshooting workflows
Lab: Installing Wireshark and validating the environment
Lab: Exploring the Wireshark interface and packet list panes
Lab: Capturing traffic on a live interface
Lab: Identifying Ethernet, IP, TCP, and UDP headers
Lab: Saving and reopening packet capture files
Day 2 - Packet Capture and Filtering Mastery
Lecture: Capture vs display filters
Lecture: Berkeley Packet Filter (BPF) fundamentals
Lecture: Display filter syntax and logic
Lab: Applying capture filters to limit traffic
Lab: Building display filters for common protocols
Lab: Filtering by IP address, port, and protocol
Lab: Combining filters with AND / OR logic
Lecture: Time, packets, and conversations
Lab: Using time display formats
Lab: Following TCP and UDP streams
Lab: Viewing conversations and endpoints statistics
Day 3 - TCP, UDP, and Core Protocol Analysis
Lecture: TCP connection lifecycle (3-way handshake, teardown)
Lecture: Sequence numbers, acknowledgements, and windowing
Lecture: Retransmissions, latency, and congestion indicators
Lab: Analyzing a TCP three-way handshake
Lab: Identifying retransmissions and duplicate ACKs
Lab: Measuring round-trip time (RTT)
Lab: Detecting slow connections and packet loss
Lecture: UDP behavior and use cases
Lecture: Common TCP/IP application protocols (DNS, HTTP)
Lab: Analyzing DNS queries and responses
Lab: Tracing HTTP request and response flows
Lab: Differentiating TCP vs UDP traffic patterns
Day 4 - Real-World Troubleshooting and Analysis Techniques
Lecture: Structured troubleshooting with packet captures
Lecture: Identifying client vs server responsibility
Lecture: Common network failure patterns
Lab: Troubleshooting a slow application scenario
Lab: Diagnosing a failed TCP connection
Lab: Identifying MTU and fragmentation issues
Lab: Detecting malformed or unexpected packets
Lecture: Best practices for packet captures in production
Lecture: Interpreting results and communicating findings
Lab: Building a repeatable capture and analysis workflow
Lab: Documenting findings from packet analysis
Lab: Walking through an end-to-end TCP/IP troubleshooting exercise
Outcomes
Students who complete Introduction to Wireshark for TCP/IP Networking will be able to:
Capture and analyze network traffic confidently
Understand TCP/IP behavior at the packet level
Use filters to isolate relevant traffic quickly
Identify latency, packet loss, and retransmission issues
Troubleshoot real-world network and application problems
Communicate findings clearly using packet evidence