Training delivery: Face-to-face / Online sections on Google Meet + pre-recorded videos

Trainer: Dr. Saeed Roostaee

What you’ll learn

  • Packet sniffing approaches and tools
  • How to connect to switched network infrastructure to capture required data
  • How to start with Wireshark and its basic settings
  • How to use capture and display filters in Wireshark
  • Tips and tricks on working with packets
  • Tips and tricks on working with capture files
  • How to analyze GOOSE, Sampled Values, and MMS traffic with Wireshark
  • Practical examples
  • Capture and interpret network traffic with Wireshark
  • Understand core networking protocols – DHCP, DNS, TCP/IP
  • Troubleshoot the top five network problems with Wireshark
  • Analyze a cybersecurity attack with Wireshark

Content

Using Wireshark for traffic analysis in digital substations

  • Introduction and Contents Overview
  • Installing Wireshark and the Command Line Tools
  • Introduction to packet sniffing and basics of communication protocols
  • What are Wireshark Profiles and Why Should We Use Them?
  • Hands-On with Wireshark
  • Configuring Profiles, Adding Custom Columns
  • Configuring the Wireshark Interface
  • Making the right connections to start sniffing in a switched environment
  • Start capturing with Wireshark and manage its basic settings
  • Introduction to Wireshark Filters: capture filters vs display filters
  • Filtering for IP Addresses, Source or Destination
  • Filtering for Protocols and Port Numbers
  • Filtering for conversations
  • Operators in display filters
  • Working with packets
  • Working with capture files
  • Creating Display Filters in Wireshark
  • Packets and the OSI Model
  • Ethernet – The Frame Header
  • Unicasts vs Broadcasts vs Multicasts
  • The Internet Protocol – Learning the Header Values
  • Following a Packet Through the Network – Re-Encapsulation
  • Analyzing a Packet From Multiple Capture Points
  • How IP Fragmentation Works
  • The UDP Header Explained
  • UDP Review
  • Practical TCP – The Handshake
  • Analyzing TCP Options
  • How Sequence and Acknowledgement Numbers Work
  • Slow application response time
  • High Network Latency
  • Network Packet Loss
  • TCP Analysis Review
  • Digital substation traffic capture analysis
  • Practical demo with Wireshark