O'Reilly Live Online Training

Implementing and Troubleshooting TCP/IP

Ric Messier

The TCP/IP suite comprises the foundational protocols of all network communication. While TCP/IP concepts are easy enough to learn, understanding the protocols well enough to deal with any problems you encounter is much harder. Join expert Ric Messier to gain the higher-level understanding necessary to troubleshoot your TCP/IP issues—a critical skill that will expand your knowledge and improve your job efficiency, whether you’re an administrator or an engineer.

What you'll learn and how you can apply it

By the end of this live, online course, you’ll understand:

  • The different protocols of the TCP/IP suite
  • How the protocols fit together to create efficient communication
  • How ICMP can be used to diagnose problems

And you’ll be able to:

  • Use Wireshark to analyze packets
  • Identify problem traffic on a network at all layers of the network stack
  • Explain the different elements of the protocol headers and their functions
  • Utilize host-based tools to isolate trouble spots

This training course is for you because...

  • You’re new to networking and security, and you want to better understand TCP/IP.
  • You’re a system administrator with solid OS skills who wants to understand TCP/IP more deeply.
  • You’re a network analyst who wants to make the transition to an engineering position, so you need to better understand TCP/IP.


Recommended preparation:

TCP/IP (video training)

About your instructor

  • Ric Messier is an author, consultant, and educator who holds GCIH, GSEC, CEH, and CISSP certifications, and has published several books on information security and digital forensics. With decades of experience in information technology and information security, Ric has held the varied roles of programmer, system administrator, network engineer, security engineering manager, VoIP engineer, consultant, and professor. He is currently a Senior Information Security Consultant with FireEye Mandiant.


The timeframes are only estimates and may vary according to how the class is progressing.

TCP/IP protocols: Network and transport (20 minutes)

  • Lecture and hands-on exercise: Using command-line protocols to view network/transport information
  • Discussion: How much experience do you have looking at network information using command-line tools?

TCP/IP protocols: Applications (20 minutes)

  • Lecture and hands-on exercise: Using tools to interact with application protocols by hand
  • Discussion: What tools would you normally use if you were having problems with network connections?

Routing (20 minutes)

  • Lecture and hands-on exercises: Using command-line tools to view, add, and delete routes; using OS tools to manipulate routes

Break (10 minutes)

Name resolution (20 minutes)

  • Lecture and hands-on exercises: Using command-line tools to view ARP and DNS entries; using command-line tools to perform name look-ups; using web-based tools to perform look-ups related to DNS

Packet capture (10 minutes)

  • Lecture and hands-on exercise: Using command-line and GUI-based tools to capture packets
  • Discussion: What have you used (or would you use) packet captures for?

Intro to Wireshark (10 minutes)

  • Lecture and hands-on exercises: Using Wireshark to investigate packets; investigating packet structure within Wireshark

Using Wireshark to identify problems (10 minutes)

  • Lecture: Using Wireshark’s built-in expert guidance
  • Discussion: What is the value in letting Wireshark do the work for you?

Break (10 minutes)

Decoding packets (20 minutes)

  • Lecture and hands-on exercises: How Wireshark decodes packets; using Wireshark to decode packets, including on nonstandard ports; looking at ASN.1 using Wireshark
  • Discussion: Have you ever looked at a protocol specification to see how it’s defined?

Filters and streams (20 minutes)

  • Lecture and hands-on exercises: Using Wireshark to filter network traffic; using Wireshark to extract streams for analysis
  • Discussion: What common types of filters do you think you would use in your work?

Statistics (10 minutes)

  • Lecture and hands-on exercise: Using Wireshark to investigate network communications and statistics