- Trends in cyberattacks
- Preventing system compromise
- Analyzing packets
- Using Wireshark
- Creating firewall rules
- Baselining a network
- Using capture filters
- Using a ring buffer
- Handling OSI layer attacks
- Identifying attack signatures
- Using VirusTotal
- Handling unwanted TOR activity
Skill Level: Intermediate
- [Instructor] Hello, I'm Lisa Bock, and I'm a security ambassador, and I'm super excited that you can join me for Wireshark: Malware and Forensics. Routinely examining network traffic is important in an organization as part of an overall security framework. In this course, we will analyze network traffic using Wireshark, a free and open source packet analysis tool. Participants will learn how Wireshark can uncover advanced persistent threats on a network that elude detection and hide in plain sight.
I'll first review cyber attacks and trends and why you should do deep packet analysis using Wireshark and tshark and review how to tap into your network. I'll dive into a capture overview, including baselining the network, displaying capture filters, and coloring rules to highlight potential malware signatures. I'll look at unusual traffic and indications of compromise. I'll discuss ports associated with malware and common attack signatures.
I'll finish up with some case studies and what to look for when trying to uncover potential problems on your own network. Are you ready? Let's get started.
Troubleshooting Your Network with Wireshark, with Lisa Bock (2h 35m, Intermediate)
Insights from a Cybersecurity Professional, with Mike Chapple (32m 15s, Intermediate)
1. Deep Packet Analysis
2. Capture Overview
3. Unusual Traffic
4. Case Studies
Next steps (1m 30s)