Huge thanks to our Platinum Members Endace and LiveAction,
and our Silver Member Veeam, for supporting the Wireshark Foundation and project.

Wireshark-users: Re: [Wireshark-users] Network Analysis Training

From: Hansang Bae <for_list_hbae@xxxxxxxxxx>
Date: Tue, 14 Jul 2009 13:27:19 -0400
Samson Martinez wrote:
Hello folks, I�m thinking about taking some network analysis training sometime during this year and was wondering if anyone that participates in this forum had taken similar formal training and, if so, if they were satisfied with the results. Or is this more of a �better off learning through school of hard knocks� type of knowledge?

I think it depends on your level of comfort with Ethernet/TCP/IP. I'm assuming here that's what you're interested in. The problem with protocol analysis classes that I've seen or saw online, were that they were very basic. Even the classes defined as "expert" weren't so expert level. Herein lies the problem. How do you classify "expert" "medium" "beginner"?

My recommendation would be to read as much as you possibly can to absorb the academic parts of the protocol. Comer and Stevens are both great books to start with. Then you can move on to general networking topic from the likes of Computer Networks by Tanenbaum or Interconnections...by Perlman.

Once you have the fundamentals, you can tackle troubleshooting and learning to read trace files. There's still a lot of "art" than "science" in doing protocol analysis.

Finally, check out the sharkfest presentations as you can pick up a lot of good tips/tricks of the trade.

--

Thanks,
Hansang