Advanced Cyber Defense Analysis with Wireshark
As a member of the security team, you will need to have the skills required to help with mitigating potential attacks. This course will prepare you to use the Wireshark utility to help in this mitigation.
What you'll learn
As a member of the security team, it will be useful to know the capabilities of the Wireshark utility and how it can be used to extend your capabilities as a network engineer. In this course, Advanced Cyber Defense Analysis with Wireshark, you’ll go over several methods of using Wireshark that will enable you as a network engineer/consultant to mitigate attacks and perform advanced network analysis. First, you’ll learn how to validate the performance of a firewall and its rule sets. Next, you’ll explore how to investigate insecure protocols and their traffic. Finally, you’ll discover how to extract objects from common protocols and export them. Upon completion of this course, you’ll have the skills and knowledge required to utilize Wireshark for firewall validation, insecure protocol analysis, and object extraction.
Table of contents
- Module Introduction 2m
- Setting the Stage 2m
- Creating a Learning Environment 3m
- Reviewing Common Attack Types 5m
- Common Firewall Rule Misconfigurations 4m
- Briefing Wireshark Features for Analysis 5m
- Demo: Basic Wireshark and Firewall Displays 6m
- Demo: Discovery Scans of the Inside Network 3m
- Demo: Port Scans to Specific Host (Common Techniques) 5m
- Demo: Port Scans and DoS Attack (Alternative Techniques) 8m
- Demo: Show Common Ruleset Problems 10m
- Summary 1m
- Module Introduction 1m
- Covering Common Insecure Network Protocols 4m
- Reviewing Wireshark Features for Traffic Analysis 3m
- Demo: File Transfer Protocol (FTP) 11m
- Demo: Telnet 6m
- Demo: Hypertext Transfer Protocol (HTTP) 4m
- Demo: Simple Mail Transfer Protocol (SMTP) 4m
- Demo: Internet Message Access Protocol (IMAP) 3m
- Demo: Post Office Protocol (POP) 2m
- Summary 1m
- Module Introduction 1m
- Working up to Object Extraction 5m
- Demo: File Transfer Protocol (FTP) 4m
- Demo: Hypertext Transfer Protocol (HTTP) 6m
- Demo: Simple Mail Transfer Protocol (SMTP) 3m
- Demo: Internet Message Access Protocol (IMAP) 3m
- Demo: Post Office Protocol (POP) 2m
- Demo: Server Message Block (SMB) 3m
- Summary 1m