Wireshark Tutorial for BEGINNERS || How to Capture Network Traffic || Skilled Inspirational Academy

Video Statistics and Information

Video

Captions Word Cloud

Reddit Comments

Captions

foreign [Music] welcome to Skilled inspirational Academy as you see my screen today's topic is Wireshark training and a little bit background about myself my name is Arjun I'm working as a network engineer and my responsibilities is to uh take the Cisco Network appliances and wireless devices I've been working in the same domain for past 10 years so I am carrying 10 years of experience in networking so the I would say the biggest takeaway of this class what you would get once you've finished this training the biggest takeaway from this class is that you would understand why shark with more insights and there are many people's uh people they they still are not aware of Wireshark and Wireshark is very powerful network analysis tool so by end of this training you would understand why I start with more insights about TCP and other most common used protocols and also you by end of this class you would be confident to you know for confident and you will be very skillful to filter out the packets in Wireshark and you would get really a solid understanding of TCP and also you would able to troubleshoot your TCP and network issues uh once you finish this training so that is the biggest takeaway from this class so let's start this yeah so for networking the most common problem the if most of the time the network engineer they would be facing is the internet slowness issue so all the team members they'll be always barking about this problem either it could be a application issue it can be a server issue but it always you know the network team will be blamed for the slowness internet connection right this is the most common issue we would know so let's get started with this so when you get a problem generally what the network Engineers the conventional way of doing troubleshooting what they do so when the problem comes to the networking team so they have access to most commonly they use routers and switches we all aware of it so that's the appliances they use and they say it is a layer 2 and layer 3 devices as you know this is OSI model we see this is OSI model and they mostly work on this layer 2 and layer 3. so the router is the appliance it works on IP so it is called layer 3. because it uses IP address for communication layer 2 is Mac address and all your switches work on it so I'm just giving a glimpse about this so the maximum possibility what we have the network engineer we have is to you know check the physical connection first example if you got two routers here and if the physical connection is broken or if you got any errors here so you can check all this in your CLI in the command line you can see the errors are increasing and uh but so you can see your errors are increasing yeah your errors CRC errors so this is possible with CLI but what if if there is a problem with the application how do you prove so here comes a debate between other team and the network team right so they say okay if I have checked everything my network interface is clean my utilization level is quite normal it's not you know the bandwidth is not joking it is below 60 percent and there is no error but how can I prove it is a network issue so that is the biggest challenge we have so how to deal this problem so so to understand that better I'll give a glimpse about how what what is TCP IP foreign so what is the agenda of this class so if example if there is a packet loss how do I find okay with all the availability with the interface errors and all that I have done all the checks but still I couldn't figure out it's a problem with network I I'm bit doubt about this maybe it could be a problem on my end but my possibility is to check all this but I did all this but apart from that how I can leverage this to the next level and to find how do I do a deep packet analysis and find out it is not a network problem it is something with the application how do I prove that so here comes the challenge right so the most common problem when it comes to network performances packet loss right if you see a packet loss but how do I find it's a packet loss and who is where where the packet loss happens is it's in the source or a destination it can be either a source or destination so how to diagnose and fix it so before going to that I want to give a glimpse about TCP and IP so you all heard of it but I'm not going too deep about tcpip here but I am giving an idea for how tcpip works here so TCP they say it's a transmission control protocol and it is reliable whereas with UDP it is not like that so why it is called as a reliable so every packets it's received on the other end it's going to send an acknowledgment for every single packet so what is the advantage of this if I miss any packet in the middle so it's going to say the destination is going to say that I didn't receive the packet so you have to resend back so that's called re-transmission so you have to retransmit the data because I haven't received it and we all know that the if you send a 1 MBO file and it is not the one 1mb file will not be sent it across as a one whole file right so that's chunks of data so that's segmented into packets and it will be sent as one by one packet one packet two packet three example so if there is a problem with packet three it's going to acknowledge that I didn't receive packet three can you send it back the packet three so this is a real advantage of TCP whereas the UDP doesn't work once the connection is established it's going to send the data continuously it never bother about whether it's been sent successfully or it's it's a failure it doesn't care about anything it just continues in this data so your YouTube all your most of the video streaming application they use UDP so this is the you know key difference between uh TCP and UDP so here if you see if there is a computer if you want to send a data it sends us a small chunks before transfer it's not the whole data so with the help of TCP what is the real advantage of ctcp the successful transfer has been acknowledged but whereas in the physical Network this is not guaranteed right so if if I have only access to my routers and switches but how do I see all this I cannot see all this information so I can see only the interface errors and the physical problems I can figure out but this is something the segment level of uh analysis I cannot do with my appliances so here comes the Wireshark so how can I use a Wireshark to figure out all this and how I can filter all all the protocols and I can do a deep packet analysis so example here if I send a packet with numbering so it does it mean that uh the packet delivery is successful no definitely not so that's the reason the TCP is using the acknowledgment number and sequence number this is again as a glimpse not too deep about this so when we say TCP is a three-way handshake whereas in UDP it is not so if you see this is a three-way handshake so this is a source your PC it's going to send a sync so before your data transfer before your data transfer the connection establishment should happen so it means that if the pce sends and sync to the destination the destination should respond back with sync acknowledgment it says that okay I got your sync and then acknowledged so for the sync acknowledgment it's going to send an acknowledgment back again so this is called three-way handshake so it's fine so we understood that the connection establishment should happen before your data transfer that is a real advantage of TCP whereas in UDP it is not so now we have gone through you know how a TCP we got in a basic understanding of how TCP works and how what is three-way handshake and what is reliability and all that so what is this is very basic so what is sequence number and what is acknowledgment number this is important so whenever the the conversation starts between source and destination it's going to start with a sequence number that's like you know marking your packets so every packet has its own sequence number if you see here this is a source this is a random port number right can you say this this is a four zero one six so you can find this is a random Port generated by your Windows PC and this is from the client so I can say this is a client by looking into the source port numbers and destination Port is 80 and this is a server how can I say it's a server because Port 80 is HTTP right so this is a server so it is trying to establish a connection so this is a server back see that how the source Port is changed to 80. so earlier it was sources four zero one six and destination is 80. this is source and this is destination so here again this is Source this becomes Source because this is a server and the destination Port become 4016 this is your client so this is a you know Glimpse about how TCP sequence number and acknowledgment works and now we go to the you know Hands-On practical demonstration to find the TCP IP troubleshooting part okay so let me open up this so my objective here is to find only DNS so there is a there is a connection establishment happen example you're trying to access you're trying to access google.com so it sends a DNS request this is for name resolution right and for the name resolution it uses DNS but in my in my packet capture how do I find the DNS request alone so I want to see how many DNS requests has been sent from my PC so this is a lab capture so now this is the display filter if you actually see this this is the let me maximize my screen so this is the tool called Wireshark and you can know about the version of it this is version 4.0.3 and we'll see the list of option that's available but the what is the key options we have let me explain so we don't want to bother about time Delta time so we are just looking at the basic understanding of Wireshark here so I did a capture and I opened up the capture here so here is the display filter where you can filter your protocols so here I want to see DNS so if I click DNS I have to look at the displayed value here so what is my displayed values 606 so I got 606 DRS packets in my capture right I can see here protocol is DNS you you are looking only DNS if I delete this if I remove this filter I'm I can see all the protocols not only DNS I can see TCP https and all other protocols but I am not in I am not interested in all that I want to see only the DNS conversation that happened between my PC and to the destinations so to do that so here is an option is a display filter value so here I have to type DNS enter that's it so I get all the DNS so how many DNS packets I got I got 606 DNS packets here so I got 606 DNS packets so now I want to see we all know about query but this is again the basic understanding of query so when you type google.com what exactly happened in the background so if you type google.com in your browser I don't know about who is google.com I don't know about anything we all know this works only based on IP addressing right it works only based on IP addressing so I don't know the IP address of google.com this is unknown so what it does it sends a DNS request to the DNS server so my PC points to Google DNS 8.8.8.8 you're all aware of this is root server so my request goes to 8.8.8 and my PC is asking for who is google.com and what is an IP address example I'm I'm giving a private address here it's 8.8.4.4 example so I got this address so this is called as a query process see can you see this is all query process it goes here if you drill down this packet you can see see it's using DNS this is a query this is my source port and this is destination ports so what is this is a DNS port number 53. and this is UDP it is using udb so we'll get to know about all this so if somebody is asking that your DNS is not working you can do this you can do a capture and you can see it is really happening or not so on from here the what is the query it says this is an host a record and this is www.google.com so this is how uh you can filter out the DNS in Wireshark so now we are moving to the next one so I want to see how many queries has been done from my PC how many DNS queries has been sent to do that I am going to delete this filter I'm going to apply this so I got 981 DNS requests queries has been sent solve standard queries if you see this it goes to speak slow.com youtube.com and you can see all the domains wherever the query has been sent from your PC you can drill down and if you are interested on a specific query you can go and see what really happened here you get a query response back then your DNS is success if you're not getting it then it is a problem something with something with your Source or destination so we'll get deep understanding about the DNS queries here so what is the total number of DNS packets here it's 981 so I got 981 queries sorry so I got 981 queries has been sent from my PC so if I am interested to filter out only the query which has been sent to google.com how do I do that to copy this filter DNS dot query dot name equal to the domain say example it can be youtube.com or whatever the the domain you want to filter you can do it but this is the standard filter that is dns.query equal equal and your domain name here I want to filter out only google.com I can say google.com only google.com here not any other domains so how many requests has been sent for requests so you got 9851 packets but the display value is four it means that only four queries has been sent for google.com because I filter out very specifically for google.com the domain only for google.com so the displayed value is 4 so total queries or four so four queries has been sent now um I got about 9851 packets but somebody is saying okay I got a problem with my TCP but how can I figure out that so to do that you just go and type TCP in the display filter and you will get only TCP and we all know that TLS https is on top of TCP that's why you can see TCP and TLS together so how many TCP packets I got here so out of 9851 packets the only TCP packets or 7988. so 7988 packets only TCP so to find how many UDP packets I'm not interested on any other packets and how do I find UDP so this shows only UDP because here it shows em DNS uses UDP we have seen that the user datagram protocol it uses port number 53 so you see mdns along with that because whatever the protocols it uses DNS it's going to show up here so out of 9851 packets I got only 1752 packets only DNS sorry only UDP so in the same way uh we know about icmp right so icmp let me give you a glimpse about icmp so this is my source and this is my destination so the icmp will send actually the four consecutive packets to test the connection this is called icmp request icmp response so icnp request will be sent by the source and this is sent by the destination if for my icmp request if I get an icmp response then the connection then I have a connection between source and destination and if I am not getting icmp response then it's there is something problem with my destination but how do I find that in BioShock you have to go erase this filter and I have to type icmp can you see this this is Ping request this is all request Sent From the Source this is my IP address 192.1680.38 this is my IP my PC is trying to communicate with this destination this is Ping request and if you see the Ping reply this is the destination it is sending a reply back to my source this is paying reply so from this you can figure out see this all Port unreachable right so if I send from my PC I'm trying to communicate to this destination it says destination unreachable Port unreachable so it means that there is some problem with my destination you can see multiple destinations the whole public IP addresses solve destination unreachable so from this I can figure out this too has communication for sure because I see ping request and ping reply back whereas I cannot see the you know ping reply from the destination from the public IP see my source is sending packet but I am not reaching the destination Port unreachable so it says there's something problem with all these IP address the salt destination and reachable so you can say now I don't have any problem with my network it is something problem with the destination so you will get the solid understanding you have a solid proof that your part is fine you you do you you don't see any problem from the network standpoint it's something problem with the destination you can prove that with the filters so in the icmp if I look at here out of 9851 packets the displayed value is 21 so only the 21 icmp conversation happened so 27 so what if example I want to I want to look at all the traffic but I don't want TCP traffic I'm not interested in TCP traffic somebody's new I want to ignore the TCP traffic because there is something problem with other protocols my DNS maybe my icmp whatever protocol but I don't want the TCP packet how to do that so you have to give exclamation and TCP if you give that you going to you you are going to see all the protocols except TCP you see all DNS R packets your icmp right you see all the pack all the protocols but not TCP so 1863 packets except TCP so all the protocols are included in this one eight six three packets but no TCP packets total I got one eight six three so now so I don't want icmp packets the same filter you have to add this is also called as not icmp examination icmp so what is the meaning of it it's not icmp we give Dot icmp you're not going to look at the icmp packets here so 9830 but not icmp it includes all the protocols so now I'm interested to see I don't want to see DNS I don't want to see icmp I am interested to see TCP and all other protocols but not UDP so now you cannot see any UDP because I gave exclamation UDP it means that I want TCP and not UDP and you see only TCP conversation here so how many packets is 7988 okay now we got to know how I can filter the TCP DNS UDP and I got an idea about all this so now let's go for a scenario example you you got that you you got a problem where you have a network loop but as I said with just the CLI and the with just the CLI and the monitoring application you have you you cannot you know rule out or you cannot concretely say it is a network loop or you don't have any problem but what is the proof and how do I do that deep analysis and deep dive and find out okay there is a network loop or there is my network is very clean so how do you prove that so to do that I have a packet capture that's a lab capture I did this is a use case to find the recent network loop so to do that I have to type TCP first we all know so I am just looking at the TCP conversation now so here let me start with this from here so here if you see this is Source port and this is destination port this is https because https uses 443 you cannot see all this in your router right maybe in the firewall you get to know what is the active connection what is the protocol used but just with routers and switches if you have Wireshark you can see all the port numbers and what is the protocol used and your TC TCP handshake and even more we'll see that so now we got Source port number this is my random generated port number for my PC this is my private IP address and this is my public IP address and this is my public IP so when I look at this we discussed about this right from the source to the destination sin so from the destination I'll get a synag back it means it says that I got your sin and I'm acknowledging you so for this synag it's going to send a sink again this is a conversation between source and destination so now I know from this white shark I have taken out these values this is my source port number and what is my destination port number it is 443 and based on the port number I know this is https connection so here TLS is used we all know TLS uses https it's running on top of that right so you see this client hello Cypher SEC exchange the certificate exchange this is 2D but but I'm just giving a glimpse of it is using https and it is we are using TS that's why the handshake you all see all this information only possible with fire shark so I get to know about all this details so now how do I find it's a it's a problem with the network how do I figure out that okay so for that first we have to see the basics so I see synac act so it means that my connection establishment is successful I agree yes my connection established so what is the problem now my connection is established but how do I find out there is a network problem if you drill down you can see the errors okay what is the first error I see it says re-transmission so now we have to look closer so who is sending this so this is the destination Port from the random port number I have figured out that okay I know this is client and from The Source Port this is https only the server uses it so I know this is server port I know this is server if you drill down even more so it sees that re-transmission TCP segment data and if you drill down this sequence and acknowledgment analysis there is an analysis flag set here it says this Frame is a suspected re-transmission so why re-transmission happens it says I didn't get this part it can you re-transmit back again send it back one more time because I didn't receive it so here the retransmission happened you can find that under the TCP analysis flag and Export export info will give you this detail so here the retransmission happened and who is this who is doing this retransmission I have to find out is it the problem with the client or server but from this I cannot figure out so I have to I have to do a deep packet analysis so one retransmission happened that from the server to the client so if I do a drill down so I have to look at any other errors TCP errors okay can you see this it says TCP out of order what is the meaning of TCP out of order example so this is my source this is my destination we all know this is not a one-to-one communication there are service providers in the middle who gives an internet connection for me so I have a return and connection that's my ideology to say here so I have a redundant connection to it from my source to destination so the TCP it says it's out of order what is the meaning of it so if my source and destination is communicating in one single path if the communication is happening only between these two path if it is going across this router four hops away and if I'm reaching this destination I won't see this out of order the TCP out of order what generally it says so my when I send a packet from source to destination it goes to this primary path router 1 router 2 and router 3 and it reaches a destination here so when it comes back it's actually coming back with route of router 6 router 5 and router 4. so this is taking this path instead of this path so this is called a route this is a loop in a network right so I got two path this is not good I should have the bi-direction should happen in one single linear path it should not happen like this then there is a loop because of this Loop the network is completely confused and I don't know where to send back this request back so for the first time it's going to send in the primary path A to B it's going through router 1 2 and 3. but when it is coming back it is coming through R6 R5 and R4 it's taking a longest path instead of coming back in the same but this is for a demonstration I have given only four routers that can be hundreds of routers in the middle we all know that the ISP is all interconnected they do this bgp pairing and they do all this and this is not guaranteed that I am getting the reply back from the same place so where exactly this has happened so if I look at that if you see the first re-transmission when we looked in the very first place when we saw this retransmission it is from the destination from the server if you see the TCP out of order it's been generated only on the destination that's the server so it means that my problem is with the server not with the client if you see all this out of order has been sent from this so about how do I filter out only this I have to go to conversation filter you have to right click and you have to go to conversation filter and you have to do TCP and you see only this conversation you got 10 and 20 TCP conversations but I am interested in one one single conversation and you can see this is the destination this is the source this is a server and it says TCP out of order if you see the acknowledgment number and sequence but they are all unique so here is a network loop how this is Possible only through Wireshark you cannot do this with your appliances you cannot with CLI you do not have this kind of Deep insights about what exactly happened between this tcpip conversation so now we found okay what is the meaning of TCP out of order it means that there is a loop in a network so what are the other key things you have to see here see this is all non-routed packets I can definitely say this is time to leave all with 64. so we all know this is the standard they say it's a TTL value for Unix it is 64. 64 is 64 hops and for Cisco routers it is 255 and for Windows I believe it should be 255. so what why TTL is so important here do I really concern about TTL definitely because every hop that will be decremented example if my packet is going from R1 to R3 so for every hop the TTL value will be decremented by one so here if you see these packets are not routed at all if you see this sequence number it's going to be the same so here no routing happened here there is a problem with the connection that's what I mean to say so in my whole conversation between source and destination there is a place where I am not getting a response back so why because it's going in a two different path there is a routing Loop and if you actually see here this is all taking two seconds two seconds in a network is a high latency it's all happening in milliseconds and the routing is not happening so I can confidently say it is a problem and it is a problem with the destination right for this request I am not getting a response back at all from the destination so it means that my my packets are not routed it's not moving forward it got stuck in one place because of this routing loop at times it works at times it is not so we say this is an intermittent issue right and there is a slowness in the network the network path is not you know properly optimized or designed so I have to look at routing so from here you can take it you can leverage your troubleshooting further so now I found there is a loop but how do I find that so I'll do a trace route from my command prompt to the destination example 8.8.8 so it's it's going to show me two different path example if I want to reach 8.8.1 example I am going to 192.168.1.1 my modem router then it goes to public example 113.4.5.6 113.4.5.8 and then I reach 8.8.8 but when I do the same thing in the destination example this is happening inside your inside your network I mean this is inside your Enterprise Network this is not in the cloud I'm saying but because the cloud may they have a load balancing and you may see a different path but I'm talking about your only your branch office and remote Office Connection something like this only between your branch office and your remote office a connection something like this this is all branch office and this is your headquarters example so I'm just talking about the communication between your branch office and the headquarters and if you do a trace routing you will get a different response here it is taking a the IP address whatever you see here but when the reply comes back you see a different value example you see here 114.4.5.8 but it's again reaches 8.8.8 but that is not expected if your path is optimized you have to get a reply back in the same path it has to say you take the same path then it is a routing Loop and definitely there will be a latency and this there is a performance issue so you have to figure out this how I come to know about all this only because of wire start why shark is you know the complete insight about the issue you cannot do that only with you know router CLI you can't even do a trace route but how can you find this TCP out of order and TCP retransmission and acknowledgment numbers so all the all this information is only available in the Wireshark and you can make use of this tool and uh you know so many people they use this as a The Architects they use this tool to figure out the problem if there is a problem continuously and we cannot figure out so they come in and they do all this packet analysis and they'll figure out it's a problem with a network or it's a problem with application it's a problem with the server so now I say this is a server because the servers keep re-transmitting here but anyway my path is not optimized so it's my problem so once I fix this problem still I encounter this problem then there is a problem with the server so now let's see TCP retransmissions let me it is let me take out this filter so I want to see only re-transmissions so conversation filter TCP if I drill down you can see the fast retransmissions duplicate acknowledgments yeah so here is a scenario so now if there is a problem with the client now the server is fine now there is a problem with the client so what is a how do I find that so here you see the TCP duplicate acknowledgments why it is a duplicate acknowledgment happens let me once again do this so this is again source and this is destination sorry for that let me delete this this is my source and this is my destination the same way my three-way handshake is successful yeah my connection established this is the face where your connection is established what is the next step it's a payload it's your actual data so here I see a lot of TCP duplicate acknowledgment along with retransmission so if you actually see this see here again from the time to live my packets are not routed so here the actual retransmission happens because it's CC here I have no connection it proves I have no connection it keeps sending duplicate acknowledgment because I don't have Network my network is down from The Source there is no network connection to the destination so I have something problem with my network here so I keep sending this duplicate acknowledgment and finally here it happened because congestion because of latency see here no actual payload is all of your TCP segment lens so my TCP settlement length is zeros it means that no data has been transferred across so it's keep asking me I did get the packet can you send it back again so it's going to keep on sending the acknowledgment until I get a re-transmission back so this is how you can you know rule out your issues so the very fast way of finding the problem instead of scratching your head for a long time and you have no clue of where the problem is with the help of Wireshark and with the proper filters so I didn't apply any filter on top of this if I just follow the conversation TCP conversation you can see the filter has been Auto populated right back here so it says this is my source Port right 61918 and this is my destination Port server and this is a server IP address and this is a client IP address so I get to know about all this just I have to do is apply filter conversation filter and do TCP and you will get this here right away with the help of filters this is very very minimal amount of finding errors you will find you know you have help you have lot of errors that you encounter every day but you have no clue of what exactly happened in the happening in the background but with the help of Wireshark you will get to know how to rule out this issue so if you are familiar with Wireshark then it is a cakewalk for you to find out the problems in your network so this is all about uh Wireshark and TCP and I hope that everybody they got no more understanding about tcpip and what is TCP out of order what is re-transmission what is this three-way handshake and how do I apply filters in Wireshark so in the real classes you will get more scenarios more troubleshooting more Hands-On and you will go deep about every single protocol so now we got a glimpse about what is DNS and how this DNS how this DNS query happening and if we want to find out why the DNS query who is not sending a response back for my DNS query if is it a source or destination or if it is a TLS handshake where is a problem is it a problem with the server or client is it a problem with the certificate so you will get to know about all that you will get the complete insight and you can decode everything with the help of fire sure so this this is all about this uh Pi shark webinar and I hope that everybody would understand and they got a solid understanding at least a basic solid understanding about TCP and what is the use of Wireshark and how you can you know filter the packets using Wireshark so now I am going to unmute everyone and you can ask your questions hello yeah hello uh so my question is suppose the communication like that's SSL handset yeah yeah like Source IPS my uh like 10. server okay and and destination my is 172.20.10 it's okay and how we can check the SSL handset is complete or not complete okay so example if you look at here uh let me drill out this okay let me put this as a TCP okay so see if you actually see this this is client hello and this is it is server hello so I if I get a server hello server is responding back right so if I get a server hello the connection establishment is successful and then again one the client and server hello happens here exactly your security handshake happens and here if you see your actual data it's been sended across here it's actual payload happens here but the client hello and server hello should be successful one day then the security handshake happens and then your actual data payload will be sent from the source to destination okay and and what is the next parameter we can check SSL handset no we have one packet you can open like like we normally we have checked Source a b destination ipu yeah yeah for SSL what is the next what is the extra parameter we can check no no if you're if what I'm saying you see if your client for your client hello you're so you got your server hello it means that it's you got the server hello back it means that the connection is successful then it's exchanging the security no the security handshake happens here so if this side perspect happens here your actual data transfer is happening so that's it from if you are at this place then your connection is established successfully there is no problem with your communication here if I am not getting a server hello if I am not getting a server hello then it is a problem with the server okay so if I but here I got the server hello but we have to do a use case where we have to you know uh you have to make some you have to make some um problem with your server and the server should not respond back you should turn off your server you should give a wrong IP assignment something like that so you you cannot get a server hello back then you can find out it's a problem the server is not responding maybe the server is down or maybe something problem with the server certificates example if you get server hello and this change Cipher there is a problem with this change Cipher if there is an error here then you can say it's a problem who is doing that so why where the change Cipher error happening is it on the server or client so it depends it depends on the scenario you have to replicate the issue only then we can figure out it's a problem with the client or server okay [Music]

Info

Channel: Skilled Inspirational Academy(www.sianets.com)

Views: 26,864

Rating: undefined out of 5

Keywords: siants, skilled inspirational academy, Wireshark Tutorial for BEGINNERS, How to Capture Network Traffic, intro to wireshark, wireshark, how to use wireshark, wireshark class, wireshark masterclass, introduction to wireshark, network analysis with wireshark, wireshark course, free wireshark training, getting started with wireshark, wireshark for beginners, wireshark tutorial, wireshark training, wireshark tips, traffic capture, wireshark basics, wireshark interface

Id: byL8VMEMC0M

Channel Id: undefined

Length: 52min 36sec (3156 seconds)

Published: Sat Feb 18 2023