Virtual Wireshark Training by Marcelle Lee (Day 1 of 4)
April 29 @ 4:00 pm - 6:00 pm
Analysis of network traffic can provide a wealth of forensic data and is an essential aspect of many fields of cybersecurity work, including incident response, security operations, and malware analysis. Artifacts obtained through network traffic analysis can reveal hacker techniques and methodologies, such as the use of malware, network traversal, privilege escalation, the establishment of persistence, and data exfiltration. Even relatively “normal” traffic can reveal eye-opening data about user activity.
In this series of training sessions, we will cover the basics of network traffic flow, including topics such as the OSI model and TCP/IP stack, ports and protocols, and packet headers. From there, we will dive into using Wireshark to examine custom packet captures showing a variety of network activity. Participants will learn how to capture their own traffic, and will also be provided with the custom captures and solutions.
Sessions will be recorded, so don’t worry if you cannot attend them all. We will also have a Slack site for student chat and resource sharing.
No special equipment is required for this training, just access to a computer and Wireshark, which is available for Mac, Linux, and Windows.
* Session 1: Introduction, networking fundamentals, getting started with Wireshark, application layer
* Session 2: Assignment review, review of transport layer
* Session 3: Assignment review, review of internet layer
* Session 4: Assignment review, review of network access layer, capstone challenge