Mastering Wireshark 2
4.5 (557 ratings)
Course Ratings are calculated from individual students’ ratings and a variety of other signals, like age of rating and reliability, to ensure that they reflect course quality fairly and accurately.
4,122 students enrolled

Secure your network with ease by leveraging this step-by-step tutorial on the powerful Wireshark 2
Created by Packt Publishing
Last updated 2/2017
English [Auto], Indonesian [Auto], Italian [Auto], Polish [Auto], Romanian [Auto], Thai [Auto]
This course includes
  • 5.5 hours on-demand video
  • Full lifetime access
  • Access on mobile and TV
  • Certificate of Completion
What you'll learn
  • Understand what network and protocol analysis is, and how it can help you
  • Use Wireshark to capture packets in your network
  • Filter captured traffic to only show what you need
  • Find out about useful statistics displays to make it easier to diagnose issues
  • Customize Wireshark to your own specifications
  • Analyze common network protocols and common network application protocols
Course content
46 lectures 05:23:36
+ Installation and Setup
3 lectures 10:36

This video gives an overview of the entire course.

Preview 01:52

The aim of this video is to teach you how to install Wireshark on Windows.

Installing Wireshark on Windows
Installing Wireshark on Mac and Linux
+ Getting Started
6 lectures 35:48

What are the major changes in Wireshark 2 and how are they helpful to you?

Preview 03:29

This video teaches you how to perform a basic packet capture on an interface.

Capturing Traffic

Learn the various methods and formats you can use to save and export your captured packets. See how to export a selection of packets.

Saving and Exporting Packets

Learn how to annotate and comment your packet captures. Print packets and selections of packets for offline viewing.

Annotating and Printing Packets

How to set up pcap on a computer separate from the Wireshark interface for remote capture.

Remote Capture Setup

How to remotely capture traffic across the network.

Remote Capture Usage
+ Filtering Traffic
5 lectures 33:11

Learn about the Berkeley Packet Filter (BPF) syntax.

Preview 04:51

How to filter what traffic is captured using BPF syntax.

Capture Filters

Discover how to sift through the masses of packets in a capture, and display just what you need.

Display Filters

How to find individual conversations within a packet capture by following TCP or UDP streams.

Follow Streams

Learn how to filter traffic on a certain data field and other advanced methods.

Advanced Filtering
+ Customizing
4 lectures 32:11

Understand where and how to change Wireshark preferences.

Preview 10:45

Learn how to switch between profiles and why one would want to do so. Also, learn to create your own profiles.


Learn how Wireshark applies coloring rules, and how to create your own rules.

Colorizing Traffic

Learn how to apply coloring rules to real-life analysis situations such as for HTTP and DNS.

Colorizing Traffic (Continued)
+ Statistics
4 lectures 26:06

Learn the basics of TCP/IP, how packets are built and the resolution processes.

Preview 08:31

Learn how to use the time column to help troubleshoot network issues.

Time Values and Summaries

Display useful statistics to help bring to light inconsistencies in a capture.

Trace File Statistics

Learn about the Expert System to easily pick out problems that have been automatically found in a packet capture.

Expert System Usage
+ Introductory Analysis
4 lectures 32:54

How does DNS work, what are some common issues with DNS and how do they look in Wireshark?

Preview 09:45

ARP is required for Layer 2 communications; learn to diagnose ARP issues in a network.

ARP Analysis

Learn the differences between IPv4 and IPv6, and detect issues such as fragmentation and broadcast storms.

IPv4/6 Analysis

What is ICMP, why is it helpful in troubleshooting a network, and what problems can occur with ICMP?

ICMP Analysis
+ Network Protocol Analysis
4 lectures 32:42

Learn the basics of UDP, a protocol that provides quick, connectionless communications.

Preview 05:08

Learn the basics of picking apart TCP headers and what to look for.

TCP Analysis I

Dive deep into issues that can be detected with Wireshark in TCP.

TCP Analysis II

Use graphs to help visualize your packet capture and easily see data flow issues.

Graph I/O Rates and TCP Trends
+ Application Protocol Analysis I
4 lectures 37:23

Learn about common issues with DHCP, used to automatically address clients.

Preview 09:40

Learn the basics of HTTP and common diagnostics for HTTP troubleshooting.

HTTP Analysis I

Dive deep into additional issues with HTTP and observe them in Wireshark.

HTTP Analysis II

File transfers can often have problems; learn the basics of analyzing FTP issues such as with Passive Mode.

FTP Analysis
+ Application Protocol Analysis II
4 lectures 40:47

The aim of this video is to learn how to analyze POP and SMTP connections and packet structures.

Preview 11:26

Wireless is becoming more important every day; learn how to analyze Wi-Fi connection issues such as signal strength, channel selection, and more.

802.11 Analysis

Converged networks are now the norm. Learn how SIP works for voice traffic, and how a connection is created.

VoIP Analysis

Dive deep into SIP and learn how to reconstruct a phone call to listen for quality issues.

VoIP Playback
+ Command Line Tools
4 lectures 22:56

In this video, you will learn how to run Wireshark from the command line and explore its options.

Preview 07:51

In this video, you will learn how to run the terminal-version of Wireshark to capture traffic.

Running Tshark

In this video, you will learn how to run the most common *nix dump tool.

Running tcpdump

In this video, you will learn how to run dumpcap, an alternative to tcpdump.

Running Dumpcap
  • This step-by-step tutorial on Wireshark 2 starts with capturing and filtering traffic and follows with analysis and statistics, as well as all the new features of Wireshark 2.

Wireshark is a popular and powerful tool used to analyze the bits and bytes flowing through a network. Wireshark deals with the second through seventh layers of network protocols, and presents its analysis in a human-readable form.

Through this video, you will gain expertise in securing your network using Wireshark 2. At the start of the video, you will be taught how to install Wireshark, and will be introduced to its interface so you understand all its functionalities. Moving forward, you will discover different ways to create and use capture and display filters. Halfway through the video, you’ll be mastering the features of Wireshark, analyzing different layers of the network protocol, and looking for any anomalies. You will also learn about plugins and APIs.

As you reach the end of the course, you will be taught how to use Wireshark for network security analysis and configure it for troubleshooting purposes.

About The Author

Andrew Crouthamel is an experienced Senior Network Engineer and IT trainer who resides in Doylestown, PA, and currently works with organizations such as NASA, ESA, JAXA, Boeing, and the US Air Force. His passion for teaching shows in his courses, which are filled with excitement and real-world anecdotes.
Who this course is for:
  • This video is for network administrators who have a basic knowledge of Wireshark and are now looking to master it.