
Wireshark

Information Technology > Network monitoring

Description

Wireshark is a powerful network protocol analyzer tool that allows you to monitor the data traveling on your network. It provides detailed insights into network traffic, enabling you to spot issues and analyze packets in-depth. With Wireshark, you can filter and search for specific network communications, view these details at various levels from basic overview to packet-by-packet inspection, and even create custom profiles for specific tasks. Advanced users can decrypt SSL/TLS traffic, analyze VoIP calls, and automate tasks using command line options. Expert users can write custom dissectors and perform advanced statistical analysis. Understanding Wireshark is crucial for network troubleshooting and security analysis.

Expected Behaviors

LEVEL 1

Fundamental Awareness

At this level, individuals are expected to understand the basic purpose of Wireshark and be familiar with its interface. They should know how to install the software but may not yet be comfortable with using it for complex tasks.

LEVEL 2

Novice

Novices can start and stop packet capture, apply basic display filters, and save and load capture files. They have a basic understanding of network protocols and can use Wireshark to perform simple network analysis tasks.

LEVEL 3

Intermediate

Intermediate users can use advanced display filters and analyze TCP/IP conversations. They can identify common network problems and use color coding for easier analysis. They also have an understanding of more complex network protocols.

LEVEL 4

Advanced

Advanced users can create and use custom profiles, use command line options, and decrypt SSL/TLS traffic. They can analyze VoIP calls and troubleshoot network latency issues. They have a deep understanding of many network protocols.

LEVEL 5

Expert

Experts can write custom dissectors in Lua and perform advanced statistical analysis. They can use tshark for automated analysis and understand and analyze rare or complex network protocols. They can also teach others how to use Wireshark effectively.

Micro Skills

LEVEL 1

Fundamental Awareness

Knowing what packet analysis is
Understanding how Wireshark can be used in network troubleshooting
Recognizing the role of Wireshark in cybersecurity investigations
Identifying key areas of the Wireshark window
Navigating through different menus and options
Understanding the function of different panels (Packet List, Packet Details, Packet Bytes)
Finding the correct version of Wireshark for your operating system
Downloading Wireshark from a trusted source
Following the installation process
Verifying successful installation
LEVEL 2

Novice

Understanding the capture options
Selecting the correct network interface
Stopping the capture manually or automatically
Understanding the syntax of display filters
Using logical operators in filters
Filtering by protocol, IP address, port, etc.
Knowing the different file formats Wireshark can save to
Understanding how to load a previously saved capture file
Managing large capture files
Recognizing the structure of an IP packet
Understanding the difference between TCP and UDP
Knowing the purpose of common protocols like HTTP, DNS, DHCP, etc.
LEVEL 3

Intermediate

Understanding the syntax of advanced filters
Applying multiple filters at once
Using comparison operators in filters
Identifying the different parts of a TCP/IP conversation
Understanding the TCP handshake process
Analyzing TCP flags and their meanings
Recognizing common patterns in TCP/IP conversations
Recognizing signs of packet loss
Identifying issues with DNS resolution
Spotting potential security threats
Diagnosing problems with DHCP
Understanding the default color coding scheme
Creating custom color rules
Applying color rules to specific types of traffic
Using color to highlight important packets
Understanding the structure and purpose of protocols like HTTP, FTP, DNS, etc.
Recognizing the signs of specific protocol usage in packet data
Analyzing the behavior of these protocols under different conditions
Troubleshooting issues related to these protocols
Understanding the causes of network latency
LEVEL 4

Advanced

Understanding the purpose of profiles
Creating a new profile
Customizing the layout and columns for a profile
Switching between different profiles
Understanding the purpose of command line options
Starting Wireshark from the command line
Applying filters from the command line
Saving capture files from the command line
Understanding how SSL/TLS encryption works
Configuring Wireshark to use SSL/TLS keys
Identifying encrypted traffic in a capture
Analyzing decrypted traffic
Understanding VoIP protocols
Identifying VoIP traffic in a capture
Reconstructing a VoIP call from a capture
Analyzing VoIP call quality
Identifying high latency in a capture
Using Wireshark's statistics tools to analyze latency
Interpreting the results of a latency analysis
LEVEL 5

Expert

Understanding the basics of Lua scripting
Knowing how to use Wireshark's API for Lua
Debugging Lua scripts within Wireshark
Creating dissectors for custom protocols
Using Wireshark's built-in statistics tools
Interpreting statistical data to identify network trends or issues
Exporting statistical data for further analysis in other tools
Applying statistical concepts to network analysis
Understanding the command line options for tshark
Writing scripts to automate tshark captures and analysis
Integrating tshark with other tools or systems for continuous monitoring
Troubleshooting issues with tshark captures or scripts
Keeping up-to-date with new or updated network protocols
Researching and understanding the specifications for rare or complex protocols
Applying knowledge of these protocols to packet analysis in Wireshark
Identifying issues or anomalies in these protocols within a network capture
Communicating complex concepts in an understandable way
Creating educational materials or tutorials on Wireshark usage
Providing hands-on training or demonstrations
Staying current with new features or changes in Wireshark to provide accurate instruction

Skill Overview

  • Expert: 2 years experience
  • Micro-skills: 81
  • Roles requiring skill: 6
