Posts

Wireshark: Information Gathering + Helpful Tools

Introduction

Hello and welcome to my second post about Wireshark. In this post I’m going to go over some more tips that will come in handy in your packet capture analysis, and I will also demonstrate finding malware with Wireshark. Whether you are doing network troubleshooting or security analysis, it is important to know your network protocols, because each protocol holds different and important information about the systems in the capture. This information will not only tell you what is going on in the network; it will also include hostnames, usernames, the domain they belong to, and what the device is. Captures can also have thousands of packets, and having a good grasp on these protocols will make it easier to sort through them to find the information you need, locate network problems and even attacks. Starting out I’ll show you some protocols that hold that important information, and by the end I’ll take all these methods and apply them to find malicio...

Wireshark: Beginner Tips & Tutorial

Introduction

For those of you that are unfamiliar with Wireshark, it is an open-source application that can be used to capture packets being transferred across a local network so they can be analyzed. What sets Wireshark apart from the rest is the ability it gives its users to sort through thousands of packets to find specific network activity. Because of this, Wireshark is widely used in the IT industry. Some cases Wireshark is used for are network troubleshooting, monitoring, securing networks and even as a learning tool. A common misconception about Wireshark is that it will alert users to any malicious activity. Wireshark only captures packets, and then filters are applied to make them more understandable for users. That doesn’t mean that users can’t use it to identify that activity. With the right filters and user customizations, users can easily identify what is going on in the network. My goal for this first Wireshark blog is that you as a reader will understand more on what Wi...