Join Lisa Bock for an in-depth discussion in this video Downloading the exercise files, part of Troubleshooting Your Network with Wireshark.
- If you are a member of Lynda.com, you have access to the Exercise Files I use in this course. However, there are a few things I would like to show you that are not a regular part of daily network traffic. In order to discuss and view these examples we will be downloading some free examples from around the web. First we will need to visit wiresharkbook.com/studyguide.html. The Wireshark Books are comprehensive textbooks written by Laura Chappell, a leading expert in Wireshark, and teach basic through advanced Wireshark Analysis techniques.
She has many files available to download and is a great resource. So if you are interested in Wireshark certification, download the Set 1 Trace Files. Once downloaded, you will need to copy a few files from this directory. We will let this download while we visit a few other capture repositories. We'll also need to download a few files from chrissanders.org. Chris Sanders is the author of Practical Packet Analysis: Using Wireshark to Solve Real-World Network Problems.
Under Security Related, download arppoison and synscan, and place them in the Exercise Files. Our next file is coming directly from the Wireshark Wiki. In addition to providing sample files, the Wireshark Wiki serves as a great knowledge repository. Select 7, Crack Traces, and download teardrop.cap. Again, put this in the Exercise Files folder. The last file we need is hosted at packetlife.net.
Go ahead and download that. Now go to the Downloads folder where we will click and open with Wireshark. As you see, this file is currently saved with a .cap extension. While Wireshark will allow you to view many different types of files, the newer Pcap NG extension allows you to add comments and open the file without having to select the correct program. I'm going to select Save and make sure that the Pcap NG is selected as Save As Type.
Let's name this file A TCP Example, and save it to the Exercise Files. If you haven't installed Wireshark yet, you can go back in and do this, and it'll also be a good exercise in renaming and saving files. Our download from Wireshark Book is finished. Let's grab a few files from the Traces Set 1. Find arp-badpadding.pcapng and copy it into the Exercise Files folder. Next, find ftp-crack.pcap and copy it into the Exercise Files folder. Copy and paste the files icmp destination unreachable.pcap, and icmp lots of stuff.pcap into the Exercise Files folder.
Finally, find sec, which is security, just a scan and sec-macof.pcap, and copy them to the Exercise Files folder. Now we're ready to go.
- Exploring the Wireshark interface
- Using display and capture filters
- Dissecting the OSI model
- Analyzing TCP, IPv4, and other protocols
- Detecting denial-of-service attacks and password attacks
- Using security tools for ethical hacking