Analyzing network traffic is essential to understanding what is happening over the wire.
Wireshark is the most popular packet capture tool, and it also provides many under-used utilities for network traffic analysis, especially for very large PCAPs.
What you will learn
After completing this scenario you will know:
- How to get a bird's-eye view of the kind of traffic captured in a given PCAP file
- How to follow TCP/UDP streams
- How to check Wireshark's built-in Expert Information analysis
- How to export embedded files captured in data streams
- The basics of using display filters to narrow down interesting packets
This scenario contains one virtual machine.
Please install Wireshark before beginning this scenario.
Credits for challenges
Pentest Cyprus Team QSecure Cyprus HITB Singapore Akir4 (b00t2root)
- TIME: 240 MINUTES
- COST: 10 CRYSTALS