Wireshark Network Packet Analysis Training & Certification in Chennai

Network Packet Analysis (NPA)


The Network Packet Analysis (NPA) course starts with fundamental networking concepts and methodologies. It then introduces the software tools needed to analyze network packet traffic for intrusion and threat detection, network defense and, primarily, identifying offensive operations by attackers.

NPA is an outstanding industry-standard training program for participants who are interested in analyzing traffic to learn how a program or application uses the network, or in determining whether a networked device is infected with malware or compromised by intruders. If you perform incident response or are involved with investigations, this course will help you take your skills to the next level. Wireshark will be used as the primary analysis tool.

Wireshark® is an open source network packet analyzer for analyzing TCP/IP communications. Participants will use Wireshark to identify problems in TCP/IP communications. At the end of the workshop, all participants will have practical knowledge of how to use Wireshark efficiently to analyze and troubleshoot network performance problems.

Benefits of NPA

  • Understand what live network traffic is and why it needs to be analyzed.
  • Capture packets on wired networks.
  • Use time values to identify network performance problems.
  • Filter out traffic for more efficient troubleshooting and analysis.
  • Implement Wireshark coloring rules to focus on network problems faster.
  • Live demonstration of attacks, vulnerabilities and defensive methods from the network layer to the application layer.
  • Use Wireshark's Expert System to understand various traffic problems.
  • Use the TCP/IP Resolution Flowchart to identify possible communication faults.
  • Analyze usual/unusual Domain Name System (DNS) traffic
  • Analyze usual/unusual Address Resolution Protocol (ARP) traffic
  • Analyze usual/unusual Internet Protocol v4 (IPv4) traffic.
  • Analyze usual/unusual Internet Control Message Protocol (ICMP) traffic
  • Analyze usual/unusual User Datagram Protocol (UDP) traffic
  • Analyze usual/unusual Transmission Control Protocol (TCP) traffic
  • Analyze usual/unusual Hypertext Transfer Protocol (HTTP/HTTPS) traffic

 

 


 

For Queries, Contact - 044-39 572 572

 

About Trainer

All our consultants are senior professionals with tremendous exposure to Information Security and Governance, Risk & Compliance. With over a decade of experience in training and consulting, they bring many practical, industry-relevant examples and case studies to the classroom, which improves the overall learning experience. Our professionals hold industry-acclaimed accreditations such as PhD, M.S., CISSP, CHFI, CISA, CISM, CEH, ISO 27001 LI / LA, CCNP, CWNA, MCSE and ITIL.

 

 

 

 

Uninterrupted Dedicated Server
Work From Home
Learn With Fun

 

infySEC IS Lab is an online virtual remote lab that participants can work in from any place, at any time, without restriction. ISLab gives Network Packet Analysis participants login privileges so they can work on our virtual remote server and start doing their labs.

Our ISLab is built around a concept called “Learn with Fun”, in which each participant faces a game-like, structured online hacking program called 'Live Hacking Zone' that contains many levels relevant to the topics covered in the program. Each participant has to cross these levels before taking the NPA exam, so NPA delivers only well-equipped candidates. Participants have to cross multiple levels, from the easiest to the toughest. Each participant can track the other participants' activity live, which helps everyone get involved in the Live Hacking Zone competition. Prepare to be SHOCKED, ENTERTAINED and EDUCATED all at the same time.

 

Please bring your own laptop loaded with Wireshark to class. You may download Wireshark for free at www.wireshark.org.


1. Binding interface to Analyzer, Capture Traffic to/from the Hardware Address using the Ring Buffer method and Capture filter method.

2. Capture traffic on Cabling system and save it to the Disk

3. The Navigation methods, locating strings in a Trace File

4. Set Time Display format and trace delays in the packet transfer process.

5. Capture and Analysis of ARP packets. ARP Padding, Layer 2 Broadcast identification, Need for L2 broadcasting, Encapsulation process, Analysing ARP Payload

6. Capture ICMP traffic and analyse the packets for Type number and Code number of the ICMP packet captured.

7. Unusual ICMP packets. Capturing TTL manipulated packets and Analysis (Tracert). TTL expired in Transit, Type 3 Code 3 Packet Analysis

8. Filter the traffic with specific Parameters.

9. Understand the Status bar while capturing and filtering the packets.

10. Capture / Open Trace files and Find, Mark, Save, and Colorize Packets

11. Capture live packets. Filter the traffic using display filters. Use various display filter parameters and analyse.

12. Capture and analyse DHCP DORA process packets, Analyse the DHCP Error Message packet, Leasing Parameters.

13. Installation of DNS Server, Creating zone and resource records, Capturing the DNS Traffic, Analyse DNS Query & Response, Unusual DNS packets and Filtering packets based on DNS parameters.

14. Capture and Analyse the Network Layer Header, Source IP, Destination IP, Time difference between the request and response, IPV4 parameters.

15. Capture UDP Traffic. Analyse source port and destination port. Filtering on UDP destination port parameters.

16. Capture the packets of the TCP 3-way handshake, analyse the Sequence numbers, Port numbers and Acknowledgement numbers, and understand the relative sequence number configuration.

17. Analysing each parameter in the TCP Flags. Filtering TCP packets based on flag parameters / Values.

18. Capture and Analyse HTTP packets, the Source IP, Destination IP, Source and Destination Port numbers, packet fragmentation details, Reassembly of packets, size of the fragment. Capture and Analysis of SSL encrypted (HTTPS) Traffic

19. Capture and analysis of FTP Traffic, the Control Connections and Data connection handshakes. Identify a Clear Text Password in FTP Traffic and the TCP handshake and tear down process for FTP traffic.

20. Retrieving the downloaded file using Trace file.

Prerequisites: a good understanding of basic network concepts and TCP/IP fundamentals. You should know the purpose of a switch, a router, and a firewall. You should also be familiar with the concepts of Ethernet networking and basic wireless networking, and be comfortable with IP network addressing.

 

Who Should Attend

  • Computer Forensics/Digital Forensics Professionals
  • Incident Response Personnel
  • Information Security Professionals
  • IT Managers
  • Law Enforcement Personnel
  • Legal Professionals
  • Network Administrators and Architects
  • System Administrators

 

Things required to attend NPA course:

  • One Passport Size Photo During Registration
  • Photocopy of your ID card during registration
  • Participants have to bring their own WiFi-enabled laptop; high-speed WiFi Internet will be provided

The content of infySEC syllabuses is regularly updated to ensure that it remains relevant and reflects the latest thinking, on par with current technology. However, as part of the latest review, the documents themselves have been given a fresh design.

FLOW OF NETWORK PACKET ANALYSIS COURSE

Below topics will be covered in NPA Course:

 

S.No: Topics
1 Introductory Analysis of TCP/IP communications
2 TCP and UDP communication parameters
3 The Wireshark Architecture
4 Traffic capturing techniques and analyzer placement
5 Capture filters
6 Display Filters
7 Coloring rules, graphing, field interpretations, and functionality of key TCP/IP communications
8 Packet structure of ARP, ICMP, DNS, IP, TCP, UDP, HTTP, HTTPS (SSL) traffic
9 Service refusals
10 TCP and UDP behavior towards Open/Closed ports

1 Introduction to Network Analysis and Wireshark
 
  • Introduction to Network Protocol Analyzing
  • Selecting a Capture Interface and Creating the First pcap File
  • Using Capture Filter
  • Filtering Low TTL Value Packets
  • Find, Mark, Save Interested Packets
  • Navigate Through Menus and Status Bar
  • Finding a Text String in a Trace File
  • Configuring Global Preferences
  • Merging Multiple Trace Files
  • Create a Colouring Rule to Detect Specific Traffic
  • Understanding Columns and Time Value Evaluation
2 Analysis of Protocol Structure
 
  • Analyze Address Resolution Protocol (ARP)
  • Analyse Internet Control Message Protocol(ICMP)
  • Analyze IPv4 Structure (IP)
  • Analyze User Datagram Protocol(UDP)
  • Analyse Transmission Control Protocol (TCP)
  • Analyze Dynamic Host Configuration Protocol (DHCP)
  • Analyze Domain Name System (DNS)
  • Analyze Hypertext Transfer Protocol (HTTP)
  • Analyze File Transfer Protocol (FTP)
  • IP Fragmentation Packets Analysis
3 Create, Apply Filters and Filter Expressions
 
  • Introduction to Network Protocol Analyzing Level 2
  • Creating Display Filters
  • Ring Buffer Capture and Working with File Sets
  • Creating Filter Expression Buttons
  • Build and Save Filters Based on Packets
  • Filtering TCP Flag Parameters
  • Filtering IP Flag parameters
  • Filtering DNS Flag Parameters
  • DNS Error and Error Codes Filtering and Analysis
  • Filtering Latency Issues
  • Using the Frame.Time Delta Filter
  • Filter on HTTP Server Status Codes
  • IP Address Filtering
4 Follow TCP Streams and Reassemble Data
 
  • Follow a TCP Stream
  • Reconstructing a TCP stream
  • Unsecured Username and Password Recovery from Trace
  • Exporting an HTTP Object - Reconstructing Browsed Images
5 Troubleshooting and Analysis
 
  • Creating Troubleshooting Profiles
  • Analyze Expert Information
  • Round Trip Time - TCP 3-Way Handshake Analysis
  • The Double Headed ICMP Packet Analysis
  • Zero Window Condition and Windows Update Process
  • Creating IO Graphs
  • Extract and Save Single Subnet Conversation
  • Change Dissector Behaviour Measuring HTTP response time

NPA Course fee

Rs.18,000 Nett

Deliverables include

  • Course topics covering
  • IS Lab access
  • Handbook
  • DVD which consists of necessary software tools
  • NPA Course Certificate

NPA User Friendly DVDs

It is mandatory that you get proper written permission from your organization before using our course software, tools and techniques on your company networks and systems for any sort of testing or services you provide. If you are planning any kind of beneficial security testing inside your organization, you are advised to notify your network and computer operations teams in writing before you start any testing. If you are planning any kind of beneficial security testing for your clients, you are advised to sign a non-disclosure agreement with the respective stakeholders in writing before you start any testing.

In Depth HandBook Guide

Each page in the course handbook has been carefully designed, with the necessary relevant screenshots included so that participants can follow it easily. This handbook is not available in the local market or from book publishing houses.

NPA Course Certificate

You will receive an infySEC Certificate of Completion upon successful completion of our NPA training program.

 

Mode of registration

1. Online fund Transfer

2. Cash payment in training office.