Troubleshooting TCP/IP Networks with Wireshark

by Irving A
Global Knowledge is the worldwide leader in IT and business skills training, with more than 1,200 courses that span foundational and specialized training and certifications. Recently, students have been taught a new way to learn TCP/IP networks with a new system called Wireshark. Global Knowledge will be offering a new course for the Wireshark Certified Network Analyst exam. Although the course is only five days long, students will receive in-depth, hands-on training on traffic capturing techniques, analyzer placement and traffic filtering. Students will also work with customized profiles, coloring rules, graphing, field interpretation and the functionality of key TCP/IP communications. The course also addresses the normal behavior of ARP, DNS, IP, TCP, UDP, ICMP and HTTP/HTTPS. Lastly, students will learn to identify latency issues, connection establishment concerns and service refusals.

The Transmission Control Protocol (TCP) is one of the main protocols of the Internet Protocol Suite. TCP is one of the two original components of the suite, alongside the Internet Protocol (IP), hence the entire suite is commonly referred to as TCP/IP. TCP provides reliable delivery of a stream of bytes from one program on one computer to another program on another computer. TCP is the protocol that major Internet applications such as the web, email and file transfer rely on. Before data can be transferred, a TCP connection must be established. Every TCP conversation has two logical routes: an outgoing and an incoming route.

All data is sequenced, and lost packets are detected and retransmitted. TCP views data transmitted over a route as a continuous stream of bytes. A TCP window is used to avoid sending too much data. TCP will segment any application data so that it will fit within the IP MTU. Wireshark is an open source network packet analyzer. Without any special hardware or reconfiguration, it can capture live data going in and out over any of your box’s network interfaces: Ethernet, WiFi, PPP, loopback, even USB. Typically it’s used as a forensics tool for troubleshooting network problems like congestion, high latency, or protocol errors.
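The sequencing and MTU segmentation described above can be seen in a small added example (not from the original article, and a simplified check rather than Wireshark's own analysis logic). It splits application data into MTU-sized segments and then labels a constructed capture by sequence number; the function names, the 1500-byte MTU and the option-free 40 bytes of headers are assumptions.

```python
SEQ_MOD = 2 ** 32  # TCP sequence numbers are 32-bit and wrap around

def segment(first_seq, nbytes, mtu=1500):
    """Split nbytes of application data into (seq, length) segments that fit
    the MTU. Assumes 20-byte IPv4 and 20-byte TCP headers with no options."""
    mss = mtu - 40
    out, sent = [], 0
    while sent < nbytes:
        length = min(mss, nbytes - sent)
        out.append(((first_seq + sent) % SEQ_MOD, length))
        sent += length
    return out

def seq_diff(a, b):
    """Signed distance a - b in sequence space, correct across wraparound."""
    return ((a - b + 2 ** 31) % SEQ_MOD) - 2 ** 31

def analyze(segments):
    """Label each captured data segment of one direction of a conversation.

    'gap': bytes before this segment were never seen (lost or reordered).
    'retransmission': every byte is at or below the highest byte already seen
    (a retransmission or a late, reordered segment; timing tells them apart).
    """
    labels, next_expected = [], None
    for seq, length in segments:
        end = (seq + length) % SEQ_MOD
        if length == 0:
            labels.append("no-data")  # pure ACK, nothing to sequence
        elif next_expected is None or seq_diff(seq, next_expected) == 0:
            labels.append("new")
        elif seq_diff(end, next_expected) <= 0:
            labels.append("retransmission")
        elif seq_diff(seq, next_expected) > 0:
            labels.append("gap")
        else:
            labels.append("new")  # overlaps old bytes but also carries new ones
        if next_expected is None or seq_diff(end, next_expected) > 0:
            next_expected = end
    return labels

# Constructed capture: the third segment is lost, then resent; the last one
# is sent twice. The starting sequence number is chosen to wrap past 2**32.
SENT = segment(4294965836, 5000)
CAPTURED = [SENT[0], SENT[1], SENT[3], SENT[2], SENT[3]]
```

Calling `analyze(CAPTURED)` labels the segment that arrives after the loss as a gap and the two repeats as retransmissions, even though the sequence numbers wrap to zero partway through.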


Enloe, N. (2011, December 15). Students learn to troubleshoot tcp/ip networks with wireshark in new course from global knowledge. Retrieved from