Brainstorm Private Consulting

Home
Anomaly Detection and War Game
Theory, Algorithms and Cyber War Game
Anomaly Detection
Theory, Algorithms and Applications
Networking and Cyber Security
Networking and TCP/IP model
Network analyzers
Network programming
Man in the middle attacks
Denial of service attacks
Introduction to TCP/IP

training

Network Analyzers - Wireshark

Description
This is the second (out of five) session in the Networking and Cyber Security course. In this session we will explore and understand the concept and operation of network analyzers. We will obtain basic and advanced skills in using Wireshark. We will investigate messages and sessions and we will dive into the packets. We will use many examples and real life demos.

Objectives
After you complete this course you will be able to operate Wireshark network analyzer. You will be able to analyze TCP/IP messages and packets and draw conclusions regarding the network activity.

Duration
1 day

Outline

Network Analyzers
Concept and use cases
Defense vs. offense
Sniffing networks

Wireshark
Overview, architecture and features
Configuration and operation
Capturing from live networks
Analysis of packets and sessions
Filtering and statistics

Use cases and demos
FTP sessions and sniffing of passwords
Telnet sessions and sniffing of passwords
VoIP and call reconstruction
HTTP sessions
HTTP sessions with authentication and sniffing of passwords

Advanced topics
Sniffing of HTTPS sessions and decrypting of SSL streams
Writing a custom Wireshark dissector plugin
Command line tools and options

Sample Presentation