Wireshark: Traffic Analysis

Learn the basics of traffic analysis with Wireshark and how to find anomalies on your network!

medium

120 min

In the previous two rooms, we covered how to use Wireshark and run packet-level searches. Now it is time to investigate and correlate packet-level information to see the big picture in the network traffic, such as detecting anomalies and malicious activity. A security analyst needs to stop and make sense of the pieces of information spread across packets by applying both their own knowledge and the tool's functionality. This room covers investigating packet-level details by combining analyst knowledge with Wireshark functionality to detect anomalies and odd situations in a given case.

Prerequisites

Setup and Environment

Before moving forward, start the Lab Machine by clicking the Start Lab Machine button below. The machine will start in split view and will take about two minutes to load. In case the machine is not visible, you can click the Show Split View button at the top of the task.

You can use this Lab Machine to follow along with the walkthrough and complete the exercises at the end of this room.

Note: Do not directly interact with any domains and IP addresses in this room. The domains and IP addresses are included for reference only.

Answer the questions below
Read the task above.