Summary: | Packet analysis using Wireshark is one of the most critical hands-on skills to have as a security practitioner. It is also a versatile skill, spanning many facets of cybersecurity. If you read a technical report on network security, threat intelligence, or even application security, Wireshark is commonly used and referenced. Packet analysis and Wireshark are used in system administration, troubleshooting networks, incident response, and forensics. In this course, learners cover the basics of packet analysis, looking at and understanding network traffic, and use real network traffic in exercises. Basics, including the network packet, the Open Systems Interconnection (OSI) model, and the packet capture (PCAP) file, will be introduced. Demonstrations include using Wireshark to reconstruct a conversation between two computers, extract pictures from a PCAP file, extract credentials that were sent insecurely on a network, and analyze malicious traffic.

What you'll learn and how you can apply it:
What a network packet is and how it encapsulates the OSI model.
The dangers of sending sensitive data unencrypted, "in the clear," over an open or untrusted network.
The difference between encoding and encryption.

And you'll be able to:
Reconstruct files (e.g., images, video, audio, apps) from network traffic.
Catch sensitive information (including usernames and passwords) from network traffic.
Verify sensitive information without logging into a system illegally or without permission.
Filter network traffic by IP address(es), protocol, and even by strings.
Analyze network traffic containing malware.

This course is for you because...
You're a software engineer or web developer who wants to know more about how things work at the network level.
You're a security practitioner and want to understand how things (i.e., the network, network communications under the hood) really work, beyond just using security tools (e.g., Ettercap, Kismet, Xplico, NetworkMiner).
You want to become a network engineer or specialist.
You have aspirations to work in network security or threat intelligence.

Prerequisites:
Basic working knowledge of computers, including installing software, uploading and downloading content, hardware, and software.
Rudimentary knowledge of computer security concepts such as plaintext, encryption/decryption, and malware.
|