Wireshark 2.2.4

Network protocol analyzer

3 H 56 M

Many network administrators use the popular Wireshark network protocol analyzer for troubleshooting network traffic regularly. Learn how to use Wireshark 2.2.4.

This course has a virtual lab
Episodes
  • Wireshark 2.2.4
    • Overview
    • What is Wireshark
    • Install Wireshark
    • Perform Data Capture
    • Use Wireshark Interface
    • Use Filters
    • Capture Unicast Data
    • Use Advanced Features
    • Use Advanced Features Part 2
    • Use Stats and Reporting

Overview

4 M

  • Episode Description
  • Transcript

Wireshark 2.2.4 is a free and open source network packet sniffer and protocol analyzer developed as a first response tool. It is the most widely used network protocol analyzer. It can be used to examine all network traffic because it’s a mini Swiss Army knife for network administrators who need detailed visibility into the traffic on their network. It displays the raw data obtained by the sniffer and turns it into readable and meaningful data so that the user will be able to spot issues as well as correct network problems. Its power lies in the ability to help an analyst find the proverbial “needle in a haystack” when the user is up to speed on what to look for and how to do it. This show helps the network professional get started with Wireshark!

[MUSIC] Welcome. If you've ever wondered what Wireshark is, how to use it, and perhaps what kind of network protocol analyzers are available to us, well, then you're in the right spot. We really are gonna be taking a look at how to use this utility to benefit you in your network to analyze the different types of traffic depending on where you place this within your network, and what machine do you really wanna focus it on or in fact, your entire network. So, let's go ahead and hand this off to Ronnie Wong because he's gonna really explain what we'll be looking at within these series.

>> All right, as we get started and taking a look at using Wireshark, we, of course, wanna make sure that you understand the very basics of how to get set up and have, not only the knowledge, but also, of course, a few of the skills that you need to get started in capturing data. And, of course, seeing what you really need. So, what we're gonna begin with, of course, is just a simple installation of Wireshark as well. We're gonna talk about what Wireshark is, but then, of course, we'll install Wireshark. I'm gonna show you how to install it, not only in Windows which is by far the most popular way to install it. We'll also do it on the MacBook too and then, we'll also show you how you can install it in a Linux distro as well. From that point, we would jump in to just showing you how to do a basic type of packet capturing, which is just getting all the data onto your machine. From that point, you can use it to analyze the amount of data that you have captured. So we're gonna perform a simple type of data capture available for us. Then, of course, now that you know how to do those basic things, it's the interface that can be really confusing at times because there are so many different options. We're gonna walk you through the most basic of the interface so that you understand what you're seeing and what the layout is, and of course, how you can get access to some of the tools.
And the beginning area is making sure, of course, that we can start and stop the capture as we need to. Of course, with all the data on our machines at this point, the problem that we have is simple, is now we have a gigantic virtual haystack of all of these different slivers of data that we have. How is it that we begin to pinpoint or find that one needle in a haystack that we need? We'll talk a bit about using different filters that will help us to begin to whittle down that haystack to really isolate and focus down on the packets that we're really trying to take a look at as well, okay? Now, even though you think we should be done at that point, well, there are advanced features that we can also talk about too, which of course, is being able to capture the conversation of the data between two machines, right? So not only seeing one side of a capture, but actually being able to see if the data can flow on both sides of the capture as well. We'll take a look at doing that, as well as, of course, using some of the expert information tools that we'll see, that are also built into Wireshark to help us to kind of pinpoint in the unusual traffic that we're analyzing. Especially for errors and for warnings that are going on in our systems or for problems, we'll also be able to use that to help us to focus them. And then, of course, lastly we'll start setting it up here for taking a look at the statistical information that we can also find out. We'll take a look at the most general types of statistics and then we'll move into the realm of protocol-specific types of statistics that we can also take advantage of. But, if you say, hey, I haven't really worked with Wireshark before, this is a great place for you to begin. If you need a refresher, this is a great place for you to begin.
As this series is really about the foundation of learning about it, we think that this will really help you, especially if you're getting started in it, to begin to use it, and to feel more comfortable with it. This series has the potential, of course, of going on and actually developing later content which will add on to the end of this particular short series of shows to probably do more scenario types of examination of data as it goes across our interfaces too. So, check back every once in a while as you're watching through these series, and you might see one, two, or maybe even three or four different episodes start adding in and filling out Wireshark to help us to make it the best possible show that we can. But at least this will get you a great start and a beginning. So, if you are ready to actually start taking that journey, get ready for that very first episode, and Cherokee and I will see you there. [MUSIC]
