This video demonstrates how tcpdump works as a network traffic evidence acquisition tool.
- [Narrator] Imagine that I'd like to intercept all … the Secure Shell traffic on my … Ubuntu operating system or OS. … To accomplish this goal type sudo tcpdump … - s 0 port ssh. … - s 0 here is a option that allows me to capture … an entire packet. … Port ssh indicates that I'm only interested in packets … coming in and going out of my local secure shell server. … Press Enter. … Type the password. … By pressing Enter I just executed this command. … Now tcpdump is waiting for a secure shell packet to appear. … To generate the packets of our interest … I can open a terminal window on another VM … and sign onto the secure shell server. … Type ssh space user name instructor@ the I.P. address … of the secure shell server … which is 10.35.4.150 … and press Enter. … Type the password. … Now you're successfully signed onto … the remote secure shell server. … Here you can see the packets being exchanged … in the tcpdump terminal. … Now let me quit tcpdump. … In this example I sent the tcpdump ouput …
- Goals of network forensics
- Using a syslog and Microsoft Log Parser
- Investigating network traffic
- How protocol analysis works
- ARP and DNS poisoning
- Working with network forensics tools
- Using packet sniffers
Skill Level Intermediate
Learning Cryptography and Network Securitywith Lisa Bock1h 45m Intermediate
Insights from a Cybersecurity Professionalwith Mike Chapple32m 15s Intermediate
What you should know2m 11s
1. Understanding Network Forensics
2. Preparing for a Network Forensics Investigation
3. Investigating Network Events
4. Investigating Network Traffic
5. Network Forensics Tools
Next steps1m 15s
- Mark as unwatched
- Mark all as unwatched
Are you sure you want to mark all the videos in this course as unwatched?
This will not affect your course history, your reports, or your certificates of completion for this course.Cancel
Take notes with your new membership!
Type in the entry box, then click Enter to save your note.
1:30Press on any video thumbnail to jump immediately to the timecode shown.
Notes are saved with you account but can also be exported as plain text, MS Word, PDF, Google Doc, or Evernote.